The digital certificate is bound in USB KEY.
USB Key has built-in CPU or smart card chip, which can realize various algorithms of data collection, data encryption and decryption and signature used in PKI system. The encryption and decryption operations are carried out in the USB Key, which ensures that the user key will not appear in the computer memory, thus eliminating the possibility that the user key will be intercepted by hackers.
So as long as you don't lose this U disk account, it is generally safe.