Because so many people have our information, and we can’t really change that information, we can no longer authorize transactions based only on having that data. It’s pretty obvious when you think about it. What we’re going to have to do is some sort of composite authentication, where you have multiple factors in place at once, and at least one of those will likely include a live visual component. Expect in-person authentication to become a lot more popular in coming years, with services like notaries getting used more frequently. And as the technology becomes available, expect to see digital forms of in-person identity validation as well—things like proving you’re at a particular location, doing bio-based auth, someone not validating that you are you unless they can see you and talk to you, etc.
Daniel Miessler’s response to the Equifax data breach — and data breaches in general — seems rational to me. Online verification of identity was always suspect and it makes sense that we move authentication back to the physical world. It’s not a perfect solution but I think it’s better than what we have now.