I recently read how a Finnish YouTuber got into serious trouble by accidentally showing a paper in one of his videos that had his social security number printed on it. Because that guy is quite famous and also disliked by many the immediate consequence of that video being published was an avalanche of orders made in his name by phone by identity thieves. He does not have enough time to stay on top of canceling everything. The police can't do anything. The only thing that can be stopped is credit being taken in his name.
Credit: www.epictop10.com
The fact that you can order anything over the phone by giving your social security number, your full name and your current address is a recipe for disaster in my opinion. If your mailbox cannot be locked or if you don't have a paper shredder with which to shred all papers with your SSN and full name printed on it, you might want to considering buying those.
The first thing that should be required of merchants or other service providers is strong identification of customers through an identity provider. In the Nordic countries, Danske Bank is used by many security-critical online services.
SSN is highly insecure. It is easy for it and one's full name to get into the wrong hands from a service provider. The consequences of identity theft can be very serious. It is boggles the mind that such a method has ever been deemed acceptable.
Hive has a pretty good layered key system. I wonder if the general public could be expected to responsibly handle a similar system with multiple private keys of differing authorities for different types of transactions or having different temporal limitations, for instance. Such a system would have to have a central authority capable of invalidating a master key and issuing a new one by a procedure similar to passport application. It is guaranteed that a number of would misplace their master keys. It would be, however, a step in the right direction if at the core of one's electronic identity there were a private master key that could be changed - or re-issued together with a central authority. Identity theft would be unlikely cause long-time problems for anyone.