User's terminal having established physical connection with access network utilizes user's information saved in module of user's id as user's id. Authentication begins between authenticating entity and user's id. Based on user's id, authenticating entity captures second random number in use for authenticating user's terminal, and based on shared secrecy data saved on network side, second authentication data corresponding to second random number are calculated out. First authentication data are obtained from calculating random number of user's terminal and own saved shared secrecy data. Authentication server compares first authentication data with second authentication data. If they are identical, then authentication is successful; otherwise authentication is failed. Features of the invention are safety, low cost and easy of operation. |