Certificate authorities with brick and mortar locations would be an improvement over the current USA situation of SSN+DOB as master password to all IRL accounts. Checking a drivers license IRL is better than looking at an uploaded scan or photo. They could use those box scanners casinos use.
The main issue is minimizing cost. Dot com companies and banks don't want to pay for this so they peg online identities and account security to SMS effectively pushing off the problem to cellular companies. Cellular companies lack the competence to handle IAM. Opening a branch in every city is very expensive and companies don't want to even pay ~$10 for an offshore script reader to check a SMS code and verify "public information" off a credit report.
Credit card companies that are already liable for fraud usually settle for SSN+DOB, ID scans and aforementioned Equifax data verification because fraud losses are cheaper than in person due diligence.
The main issue is minimizing cost. Dot com companies and banks don't want to pay for this so they peg online identities and account security to SMS effectively pushing off the problem to cellular companies. Cellular companies lack the competence to handle IAM. Opening a branch in every city is very expensive and companies don't want to even pay ~$10 for an offshore script reader to check a SMS code and verify "public information" off a credit report.
Credit card companies that are already liable for fraud usually settle for SSN+DOB, ID scans and aforementioned Equifax data verification because fraud losses are cheaper than in person due diligence.