My guess, and my understanding is that it probably uses the same tech that most enterprise WiFi networks use. They probably send fake deauth packets in order to disconnect stations. A lot of enterprise wireless solutions also do this for the following:
(1) Removing security risks: You really don't want people running their own WiFi access point plugged into the corporate network.
(2) Removing interference: In order to remove interfering APs / stations from the network, it deauths them in order to disconnect them.
For those interested, the "This Week In Enterprise Tech" podcast covers this whenever it makes the news, and they go into some detail into what's happening (yes, it's deauth packets).
They also have a pretty good back and forth on the issues about it. One can probably find it in the show notes if you want to find out which casts have covered it already.
(1) Removing security risks: You really don't want people running their own WiFi access point plugged into the corporate network.
(2) Removing interference: In order to remove interfering APs / stations from the network, it deauths them in order to disconnect them.
You can learn more about the mechanisms used here: https://en.wikipedia.org/wiki/Wireless_intrusion_prevention_...