A security control system is provided for interactively identifying and authenticating the authorization of a user of a communications terminal, and optionally providing a means for decoding and encrypting communications signals transmitted to and from the terminal. The system utiizes a security unit that is associated with the terminal, and requires that an encryption device which has been assigned to the user be received in a port that is defined by the security unit in order that the security unit can respond properly to query signals which are sent along a communications link that couples the terminal to other communications equipment. Communications units at both ends of the communications link operate in synchronization such that each new authentication query signal that is sent from one of the units will be answered by an appropriate, newly calculated authenticating signal from the other, whereupon the unit that has sent the query signal checks the received response for correctness of calculation. A feature of the invention resides in requiring that each newly requested authenticating signal differ in a calculated manner from a previously sent authenticating signal, with the manner in which sequential authenticating signals differ being determined, at least in part, by the unique character of the user-assigned encryption device. Optional features that can be included in the encryption device include capabilities to select stored algorithms for use in encrypting, decoding and updating stored encryptions, and to effect control of system operation.