> If I buy something online my payment and delivery address is all they should need.
That's what verifying your identity is for. The payment. This cuts down on fraud. My credit cards often require me to enter a code they text me for a purchase to go through, when it's somewhere online I've never shopped before. That's confirming my identity. And my credit card needed my identity originally to look up my credit history, because they're literally loaning money.
Businesses want to know who you are to reduce fraud. Otherwise people input stolen credit cards, the charges get reversed, and the business is out of merchandise and money.
Obviously if you pay in something irreversible like Bitcoin then a business generally couldn't care less who you actually are, as long as there aren't any know-your-customer regulations (like if you're a bank or the address is in a sanctioned country etc).
The "credit card" model for buying stuff seems to be flawed. When you give some company your credit card number and CVV to buy something, they could always turn around and give the number to someone else.
The fix is very simple, but requires more interaction: (1) You ask merchant for stuff (2) Merchant sends you a "money claim" (3) you sign your money claim (4) the merchant takes the signed claim to the bank (5) the bank verifies the signature using your public key (6) bank transfers the money to merchant from your account
Absolutely, credit cards are insanely insecure, everything that is needed is written on it. I don't know why we are stuck with this archaic American system. They patched it with a form of 2FA (Mastercard 3D Secure / Visa whatever) but it's still really patchy and in many cases is not even triggered at all even for big purchases.
But here in Europe we have much better payment methods like iDeal in Netherlands and Bizum in Spain (now going pan-EU with Wero)
That's basically how PSD2/SEPA payment flows function in Europe if there is a functional eID system. I think I've used such a system for nearly a decade now.
That's what verifying your identity is for. The payment. This cuts down on fraud. My credit cards often require me to enter a code they text me for a purchase to go through, when it's somewhere online I've never shopped before. That's confirming my identity. And my credit card needed my identity originally to look up my credit history, because they're literally loaning money.
Businesses want to know who you are to reduce fraud. Otherwise people input stolen credit cards, the charges get reversed, and the business is out of merchandise and money.
Obviously if you pay in something irreversible like Bitcoin then a business generally couldn't care less who you actually are, as long as there aren't any know-your-customer regulations (like if you're a bank or the address is in a sanctioned country etc).