How would you solve this security problem?

Steve Riley sent me an email message about a post on his blog.  He needs feedback from all of you on how to solve a challenging problem.  The challenge revolves around using public computers or kiosks to access your corporate data.  If we all used smartcards, and all machines had smartcard readers, then we’d have a nice multi factor auth system.  However, smartcard utopia doesn’t exist.

You can read a nice description of the problem at https://blogs.technet.com/steriley/archive/2006/04/20/425824.aspx

So what would you like a two factor authentication system to look and act like?  Give Steve some good feedback at the post linked above.

My solution would be to create a smartcard emulator on a USB flash “drive”.  Securely store the certs on the device.  USB is a pretty prevalent port on machines, at least more so than anything else I can think of.  Would that work?