Hi, I was wondering what happens to expired soft tokens on a mobile device. Does the file remain on the user's phone and the user then has to manually delete it or does the SecurID application take care of that when the expiry occurs? Obviously the user has to replace that token on RSA but in terms of the already imported soft token what happens to it once the expiry date hits and it is in the user's phone?
The token remains in the application on the phone until one or both are removed from the phone.
If the Token was distributed from Authentication Manager, AM 8.2 SP1 or later, the expiration or death date on the phone shows as Dec. 31 2035 - which means this token can be extended at the AM server by applying another token, thereby avoiding the need to distribute and deliver a replacement token to the phone.
Whether or not this token can actually be used to authenticate a user is entirely dependent on actions taken at the AM server (assuming version AM 8.2 SP1 or later).