Should I choose a certificate stored in my browser or a certificate that is stored on a USB token?
SAFE Identitycertificates are available in software (stored in your browser) and hardware (stored on a SAFE HID USB Token).
A software certificate must be stored in the browser of the PC that you will use to transact business. You may install your software certificate on multiple PCs in order for your certificate to be portable. A software/browser certificate can optionally be set with a password, but a password is not required.
A hardware certificate is stored in a USB token and can be used on any PC on which the USB software utility is installed. This allows more portability of your certificate. Additionally, a USB token is password protected and your certificate cannot be accessed without validation of that password. This creates an extra layer of protection for your certificate. A hardware certificate is a Medium Assurance certificate.
Some applications require that you use a certificate that is stored on hardware, because it offers more security.