The authentication method is via comminication. SMP generates the key for an authorized admin and attributes are installation number and user ID, who is then displayed the key. Normally they email it to the user ID then. That user ID then enters the key when prompted for it.
There is not automation is the registration nor deactivation of keys. Deactivating the key on SMP only has a licensing implication for the number of developers you have registered. Possibly during a license audit by SAP they might complain that deactivated SMP keys for a user are not only in the DEVACCESS table (that on it's own is not a problem), but the user is also actively working as a developer (that might be a problem, from licensing perspective.
Cheers,
Julius