Recently, identity authentication using biological information has attracted attention in an electronic commerce and the like. Different from a system performing biological authentication at a determined place like an access control apparatus installed to a specific facility, time or a place is not selectable in identity authentication that is performed through a mobile terminal such as a portable telephone or a PC. Accordingly, there is a problem in that, by obtaining biological information (for example, a facial photograph in the case of facial image recognition or the like), passing off as a registered person can easily be performed. Accordingly, methods and apparatuses for detecting identity theft have been proposed. For example, in a countermeasure for an identity theft, the security is configured to be strict by consecutively performing identity authentication.
However, in a case where identity authentication is configured to be repeated for strengthening the security, erroneous detection such as an authentication failure may easily occur. Accordingly, there are problems in that user's convenience is degraded and resources for calculation are wasted (as a result, the convenience is degraded). As above, in an identity authentication system, by only configuring the security to be strict, there is a problem in that the convenience is degraded. Accordingly, it is preferable to achieve both the strengthening of security and the maintenance of convenience.