This KB article provide instructions how you can remove the Delete privilege to delete the credentials of a user from Manage Authentication Credentials screen visible from Global Admin links.

Strong Authentication

Release: 9.1.5.1

Below steps should be followed to remove the Delete privilege from ad administrator.

• Follow this KB-article which provide instructions to create a custom role. Create a custom-role by moving 'Delete Credentials' to 'Unavailable Privileges' which basically remove the Delete privileges from a role.
• Create an administration with the above custom role
• Login to administration created in Step2
• Try deleting credentials from 'Manage Authentication Credentials'
• You will see an error message-  ['Administrator '<Admin-name>(Organization: <Orgname>)' does not have privilege to perform this operation ('Delete Credential ')]