A software token is lost when a user leaves the company. Myth shattered!
When a software token app user leaves a company, the token doesn't leave with them. It can be unassigned and reassigned with a new shared secret. Shhhhhhhhh!
The Authentication Manager generates a new token record at deployment time; meaning it can be redeployed and your investment doesn't go down the drain.
All this can be done without having to take possession of the mobile device. Even the type of device isn't an obstacle. A BlackBerry token can be reprovisioned as an Android token, just like that!
See? Security can be simpler than you think.