That isn't why its implemented though. Its implemented because its often a government requirement. Gambling websites usually have a similar sort of system in place, where you can only deposit/withdraw large amounts once you have verified your identity.

I'm not even sure how someone could cheat on an exchange.

Instead of saying: We should spy internet and secure it from criminals.
You guys are literally saying that we should simply move away from some services just because criminals would try pirate it in order to steal your identity .... instead of saying that we should improve the security over internet, that we should check the identity of EVERYONE over internet so nobody can steal you/hack a database without being tracked and arrested.
[/quote]
No, not all of us are claiming that identity theft is a massive issue. Although, it definitely is an issue so we can't ignore that, but a proper exchange or any service for that matter should be storing this kind of information off the server, rather than live.

We are saying that users of these platforms should be thinking more about their privacy, and should be valuing it more. The fact that, selling on data is a lucrative business, is something we have all probably become aware of in modern times. How many times, have you received a spam phone call? Now, sometimes this might be by random, and the caller is doing a brute force approach, but often it can be because someone has sold on the data.

Ignoring the difficulty of this, which I don't believe is easy either online or offline. The fact is, when your data is compromised on the internet, its likely not just your details which have been compromised, but thousands or even millions of users, which makes it a lucrative business. You might be right that a physical theft might be easier, but you're probably going to leave a trace if you aren't a Ninja. On the internet, there are ways of concealing your identity, things like Tor are probably used by criminals frequently, and that's probably why there are rumours that the government also host exit nodes, to catch them.

However, to get to my original point. Lets just assume your statement is correct, that doesn't mean we should just ignore the very real fact that servers, and data get compromised a lot more on the internet, this is simply because; its a larger target area. You likely, only know around <100 people that know your real life address, and most of them and won't be interested in criminal activities, but on the internet someone doesn't personally need to know you, they just need to know where the service stores their data. They don't need any personal connection to you, and thus there will be more malicious users, trying to steal data, than in a physical way.