Generating unique id in android (UUID)
I've used this before and working fine for me.
public String createTransactionID() throws Exception{
return UUID.randomUUID().toString().replaceAll("-", "").toUpperCase();
}
Your UUID depends on three of different IDs, all of which are easily changeable. There is no way to be sure whether this is the reason, but looking at the code here:
SSN (SIM serial number)
getSimSerialNumber() gets you SSN for the sim card attached. A simple way to generate a different UUID for same device would be simply to insert a different sim card. Which I know is cumbersome, but doable nonetheless.
IMEI/MEID
getDeviceId() returns IMEI or MEID. So another way would be to change the IMEI of the device. If you only google "change phone IMEI without root" you will get loads of doable results. Which might be an easier way (if automated).
Android Device ID
ANDROID_ID according to docs changes with each time phone is restored. So again user can change UUID just by restoring phone.
Since your UUID is based on a chain of three unique ids fooling the system is as easy as the weakest link in your chain. ANDROID_ID being the strongest link in this chain I'd recommend you to only use it instead. Refer to this link as an alternative.
EDIT:
While ANDROID_ID is still the best way to recognize previous users there have been some updates to its use and uniqueness since Oreo. Visit the #ANDROID_ID page for more details.
A summary of the changes are:
Each ANDROID_ID on apps targeting Android Oreo or later and installed on Android Oreo or later are unique by the user who installed the app, the app's signature (essentially different for different apps but not necessarily) and the device. So while you will still get the same id in most cases, installing the app as a different user will still generate a different ANDROID_ID. These changes are made to protect user's privacy.
There have also been updates on permissions for ANDROID_ID.