What could be causing a user to continue receiving the pop-up warning that their token will expire in xx days, even though they have successfully imported an validated a new token using the ‘replace with token’ feature. I have verified the old token is no longer assigned to the user in the RSAConsole.
Do they still have the old token in their app? If so they should delete it. The auto-unassign of replaced tokens happens on the servers; it doesn't automatically delete the old token from the RSA Token App on the user's device.