Review: Secure Flash Drives

Enex Testlab Review

Types of security

There are various methods to secure the data on a USB flash drive:

Software encryption. This is the cheapest solution: some secure USB keys come with software that encrypts data for you. Unlike their hardware-based counterparts, this is often little more than individual encrypted files on the drive. However, this may be all you need, and since the security software is bundled free with standard USB flash drives, they're often very cheap.

Hardware encryption. To prevent any chance of hacking a software security solution, more secure devices use on-board chips to encrypt and decrypt on the fly, with keys stored on the device itself. This also allows an entire partition on the device to be encrypted, and prevents this secure partition from being read on a machine where the password isn't known. To ensure the device is always readable by a user with the password, a second unencrypted but read-only partition is included that carries the necessary software to unlock the encrypted partition. It's the optimal solution in terms of secure USB flash drive encryption, but it also costs more as a result.

Password strength. Different products place different emphasis on how strict the password must be. As a minimum, most devices will insist on upper and lower-case characters and a numeral, while others won't let you proceed unless the password meets these guidelines plus the inclusion of a special character. Good for security, harder to remember. Hardware-encryption-based devices also validate the password on the device itself, which prevents attacks that read regions of memory used by software on the PC to determine legitimate passwords.

Tamper prevention. Like encryption, this can be broken down into hardware and software. Hardware tamper prevention is often very sophisticated and only found on the most expensive devices, and usually entails circuitry to detect physical tampering. Software tamper prevention can be as simple as the device securely wiping itself if the incorrect password is entered too many times (see Fail-safe wipe, below), preventing brute-force attempts to gain access.

Physical security. Technically, as non-volatile RAM, the chips on board a USB drive could be manually removed in an attempt to raw-read data. To make this as hard as possible, some drives incorporate solid, nigh-unbreakable designs or, like the Ironkey, encase the interior in epoxy to make a dismantled USB drive little more than an artistic show-piece.

Fail-safe wipe. Also known as a self-destruct, this is triggered if the wrong password is entered too many times, or when the device is restored as a new device with a new password set (for example, to be given to a new user). In these situations you want to make sure there is no data left behind, so a destructive wipe is employed to zero or randomise all sectors on the device and prevent any data from being recovered.
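The password rules, on-device validation and fail-safe wipe described above can be modelled in a few lines. This is an added illustration, not code from the review or from any vendor's firmware; the ModelDrive class, the limit of 10 attempts, the use of PBKDF2 and the sector layout are all assumptions.

```python
import hashlib
import hmac
import os
import re

MAX_ATTEMPTS = 10   # assumed limit; real products choose their own
SECTOR_SIZE = 512   # assumed sector size for the model

def meets_policy(password, require_special=False):
    """Upper case, lower case and a numeral; optionally a special character."""
    basic = all(re.search(p, password) for p in (r"[A-Z]", r"[a-z]", r"[0-9]"))
    special = re.search(r"[^A-Za-z0-9]", password) is not None
    return basic and (special or not require_special)

class ModelDrive:
    """Toy model of a drive that checks the password on the device itself."""

    def __init__(self, password, sectors=8, require_special=False):
        if not meets_policy(password, require_special):
            raise ValueError("password does not meet policy")
        self._salt = os.urandom(16)
        self._verifier = self._derive(password)
        self.failed = 0
        self.wiped = False
        # Random bytes stand in for the user's encrypted data (constructed).
        self.sectors = [os.urandom(SECTOR_SIZE) for _ in range(sectors)]

    def _derive(self, password):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self._salt, 50_000)

    def unlock(self, password):
        if self.wiped:
            return False
        self.failed += 1  # count the attempt before checking it
        if hmac.compare_digest(self._derive(password), self._verifier):
            self.failed = 0  # a correct password resets the counter
            return True
        if self.failed >= MAX_ATTEMPTS:
            self.wipe()
        return False

    def wipe(self):
        """Destructive wipe: zero every sector and discard the verifier."""
        self.sectors = [bytes(SECTOR_SIZE) for _ in self.sectors]
        self._verifier = os.urandom(32)
        self.wiped = True
```

Because the counter and the wipe live in the model of the device rather than in PC software, a guesser gets at most MAX_ATTEMPTS tries no matter how fast the host machine is.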

Secure USB flash drives can incorporate some or all of these features; it really depends on the make and model of the device. Ultimately, however, the goal is the same: to safeguard your data.

 
