As far as I can remember RSA tokens is even more f**d up as they stored the seeds of their customers on their server somewhere. They weren't supposed to do that at all and they had promised their customers not to do so.
I wouldn't trust them any security token or softwarewise.

Can't find the security advisory from their CEO anymore, the former link ends dead. They probably moved it to "can't be found easily". I can find only this German link: https://heise.de/-1210245

That makes "something-you-have" obsolete in this case

EDIT: Sorry, forgot to mention: They did not only store the seeds, they also got them copied by some intruder (=stolen).