The token would have the only copy of the private key and not disclose it for any reason. If you wanted to remove the bitcoins you would send a receiving address to the token and it would return a transaction you could send to the network. At this point the token would assume that the balance was gone and change the built in indicator to show this. That way someone could not pass of the token as still having value.
For reloading you would have the token generate a new private key and send coins to its public address. Then once that was confirmed by the block chain you could go to a kiosk owned by the token manufacturer and reset the indicator to show that the balance was present.
This would allow you to be certain of the value of the token without any connection to the bitcoin network.
I still don't see why a token needs to be told its value, except perhaps at the moment you're asking it to sign a transaction.
If you're sending it an address to remove the bitcoins, why can't the amount be sent at this time?
If you need a reader to read out the fact that the token has any given balance, couldn't that same reader just tell from the block chain? It would be more accurate that way.
Unless someone wants to make a closed proprietary system like Visa, and implement "security by obscurity" like the satellite companies do (which are constantly getting hacked), such a "token" would most likely be an industry standard smart card - which could be programmed to do anything, like lie about its balance. I wouldn't consider it secure to believe a token that self-reports its own balance. It is best if the smart card is "trusted" only to keep secrets, not to tell the truth.
If you want to experiment with smart cards - consider basiccard.com - which looks like an entry level system for user-programmable smart cards.