[ants_a]

Over here we use a PKI cert for that. A smartcard providing the root of that trust is provided by the government after verifying your identity using the typical stuff used for identity documents (any biometric data on file, birth certificate, etc.). That still doesn't mean that it's impossible to steal an identity, or acquire a made up one, but it does make it a whole lot harder.

[nemomarx]

The thing about social security is that it was supposed to be used for a fairly narrow system, and the physical cards even have text like "not to be used as identification" on them. And then we used it for that anyway

[namibj]

The German equivalent to the SSN in it's ubiquity, the "federal tax id", is illegal to use for non-tax purposes.

As a German that feels about correct.

[salawat]

SSN is technically the same. The Social Security Act, actually has that point explicitly called out. Did anyone listen? Nope.

[namibj]

Do they have penalties in the 5+ digits for each such offense?

[salawat]

Wouldn't matter. No one is interested in enforcing it, and there is too much value in the datapoint to credit rating agencies to tear the entire edifice down. Hell, back in 2011, I was part of a group migrating away from SSN usage at the Federal level. The biggest delay? Waiting for another semantically compatible I'd to manifest. TIN (taxpayer identification number) could be synthetically combined with a couple other ID's in the dataset such that they could finally retire the SSN's we weren't supposed to be using in the first place.