Several of the Sept. 11 hijackers used false identification documents. False ID is a pervasive phenomenon, ranging from juveniles buying beer to laborers without green cards getting work.

Oddly, making or having false ID is not itself a crime. This issue has been around for more than two decades.

There are several ways to make identity cards harder to fake, though none of them can overcome the unavailability of any sort of "ground truth" about identity.

Everything goes back to birth certificates, which are trivially simple to forge. The relationship between you and the piece of paper recording that someone with your name was born where you were born on your birth date is very thin indeed.

Civil liberty concerns pose another barrier to any effort to make ID fraud harder. Some of those concerns are real, some imaginary, and some reflect a desire that certain laws, notably the immigration laws, not be enforceable.

Until now, the concern about a national identity database -- in effect, an online census -- has made the whole idea of a verifiable identity card a non-starter.

But there might be a valuable compromise.

Imagine a hard-to-fake, machine-readable "smart card" containing just three items: a name, some sort of data that is both easy to transmit and checkable against the bearer's body, such as a digitized fingerprint or retina scan, and a unique number kept on an easily accessible list, incorporating some of the digits of that biometric data.

Cards would be issued only to those who could show either that they were citizens or that they had legally entered the country, and the name on the card would have to match birth or immigration records or legally recorded name changes.

If everyone were only allowed to have one card, or if the online list of numbers contained names as well, the number on the card would be virtually a national ID number. If the database makes a record every time the card is checked against it, the government could track individuals with ease.

But what if people were allowed to have multiple cards and, thus, multiple numbers? What if the online list contained only numbers and not names, and if queries to the database were strictly one-way, with no record made?

Then the card would be good for only one purpose: demonstrating that the person who holds it is the person whose name appears on it, and that he or she is lawfully in the country.

Even if hocusing the card is easy, hocusing the number on the card onto the online list could be made hard. As long as the number includes several digits' worth of biometrics, I can't use your card because the number on the card either won't reconcile with any number on the list or won't match my biometrics.

A carefully guarded central registry, not available for ordinary use, would contain the base information, including the names. That would allow the cancellation of all the numbers corresponding to an individual if fraud were detected in the base documents or if the person's legal permission to be in the country were to expire.

As long as it's possible to fake base documents, the system can't be foolproof.

But we just made faking identity a big problem, not a little problem, for the person or organization trying to deal drugs or blow up buildings, as well as the person trying to use a stolen credit card.