Identity Card Presentation Attack Detection: A Systematic Review
Esteban M. Ruiz, Juan E. Tapia, Reinel T. Soto, Christoph Busch
TL;DR
This systematic review maps AI-based PAD for identity documents from 2020–2025, revealing a shift from general DL to forensic micro-artefact analysis and to foundation-model-based approaches. It identifies a Reality Gap between private, large-scale data and public benchmarks, a Synthetic Utility Gap where synthetic data may fail forensic relevance, and a Paradigm Gap that motivates FM-driven generalisation and privacy-preserving strategies. The authors synthesize architectures, datasets, metrics, and benchmarking efforts, and propose a prescriptive agenda emphasizing federated/privacy-preserving evaluation, FM-enabled forensic generalisation, and dedicated, interpretable metrics. The work highlights the need for robust, globally generalisable PAD systems to secure remote identity verification against evolving presentation attacks. Overall, the review provides a pragmatic roadmap for bridging research with real-world deployment through data-efficient, privacy-conscious, and explainable approaches.
Abstract
Remote identity verification is essential for modern digital security; however, it remains highly vulnerable to sophisticated Presentation Attacks (PAs) that utilise forged or manipulated identity documents. Although Deep Learning (DL) has driven advances in Presentation Attack Detection (PAD), the field is fundamentally limited by a lack of data and the poor generalisation of models across various document types and new attack methods. This article presents a systematic literature review (SLR) conducted in accordance with the PRISMA methodology, aiming to analyse and synthesise the current state of AI-based PAD for identity documents from 2020 to 2025 comprehensively. Our analysis reveals a significant methodological evolution: a transition from standard Convolutional Neural Networks (CNNs) to specialised forensic micro-artefact analysis, and more recently, the adoption of large-scale Foundation Models (FMs), marking a substantial shift in the field. We identify a central paradox that hinders progress: a critical "Reality Gap" exists between models validated on extensive, private datasets and those assessed using limited public datasets, which typically consist of mock-ups or synthetic data. This gap limits the reproducibility of research results. Additionally, we highlight a "Synthetic Utility Gap," where synthetic data generation the primary academic response to data scarcity often fails to predict forensic utility. This can lead to model overfitting to generation artefacts instead of the actual attack. This review consolidates our findings, identifies critical research gaps, and provides a definitive reference framework that outlines a prescriptive roadmap for future research aimed at developing secure, robust, and globally generalizable PAD systems.