Confused identification with authentication.
The basic problem with the USA's SSN is that it confused identification with authentication.
They should keep the SSN as an identifier, but introduce something new for authentication - something that can be revoked or changed when it becomes compromised.
The best answer from the point of view of security would be something based on public-private keys. However the hard bit is finding a way where everyone can safely and securely manage and use their key(s).