[Cryptography] After Equifax pwning, what is the best means for replacing the SSN?

[John Levine]

In article <CAHVSqQcWYU=Ts4+PKyR77q8DRQ4+W1DzZ8dwHFWVRHaBNWaGKA at mail.gmail.com> you write:
>Maybe I'm misunderstanding, but isn't this fairly easy?  Just invent a fine
>for companies that use SSN as an authentication mechanism.  Or any
>identifier that is knowingly public, including having been made public by a
>security breach.

My preference is to say that any transaction validated with an SSN is
presumed fraudulent and is voidable on request.  Fines are hard, they
require courts and such.

R's,
John