You don't need to identify the user, just be able to show that two tokens are the same user and invalidate, log out both users, and make them generate a new token. You can sell your license to kids today, but it doesn't scale and is a terrible idea to give a kid an ID to a place you frequent.
So basically how it is today with phone verification. There are websites where you can pay $5 to borrow a phone number to verify a particular service. Except you only get one at a time.
Your idea also amounts to preventing ban evasion by linking a government ID to each account, which is on of the criticisms of linking accounts to government ID. And preventing multiple accounts even when not used to ban-evade..
And are you going to give the government N^2 queries every day?
