There are a ton of individuals and big companies in tech working through standardization bodies to create an identity layer for the internet, that no single organization is in control over. Google is not among them.
There's no way to do one-to-one identity verification and authentication without centralized coordination and control. Just as an example, even if we really wanted to there'd be now way to let only one CA issue a certificate for a domain if any of the CAs is rogue.
What is an important distinction, since there exist situations when even hard to follow procedures are better than a centralized option. Those are just not your daily "how do I know if I can show you my credit card" situations.
You do get in front of the other person and exchange public keys. Or you ask for help from a set of trusted middle-man. Those are perfectly fine ways to run a PKI, they are just not fit for the "entire web" PKI.
Those methods really don't scale by the fact that we haven't had a single system like that catch any popularity. It's usually just too cumbersome and not more trustworthy.