Impossible to know. When you buy physical bitcoins off someone you are putting your trust into them.
The code to create the PDF will automatically generate the keypair and put the QR codes into the bill. It would take modifying the code to remove the private key. Though the printer could also scan the private key themselves to steal them (or also modify the code to make it record them).
That said, when the details of the algorithm are solid and can be translated into php or a bash script, I will be incorporating 3rd party private key addition to the bills (you would print a sheet, sticker it, send it to someone else to print over keypair two and they would sticker and cut it).
So what you're saying is there is no guarantee to their value, which makes them essentially worthless by virtue of being totally unreliable. good job.
They are as reliable as the person that prints them. This is the nature of physical bitcoins.
You could act as a trusted 3d party that they send their bitcoins to, and you can ensure the bills are funded.
The problem is that printing bitcoins is easy, I have had a script to do it sitting in my home folder for quite a while.
If i wanted to, after he started selling his fancy script, I could just release my script for free and crash his business.
There is also the problem of trust, if any one can just buy a kit and print them, then you know someone is going to make a lot with public keys that don't correspond to the private key and then sell them for free money.
The solution is you sell your services as a trusted third party, they do the printing, get the bills just like they like them, then you check to make sure the private keys correspond to the public keys and put your signature (or some better identifying mark) only on the ones that do, then you send them back, they fund them and put the holograms on. Then the people can rest assured that because your mark is on the bill, that the address on the bill corresponds to the private key under the hologram.