This study systematically reviews AI-driven Presentation Attack Detection (AI-PAD) research from 2020–2025, identifying two critical challenges: (1) data scarcity severely limits model generalizability across diverse identity documents and emerging attack modalities; and (2) a “reality gap” (performance discrepancies between private and public benchmark evaluations) and a “synthetic utility gap” (synthetic data failing to capture real-world forensic utility, leading to artifact overfitting). Adopting the PRISMA framework, we classify and evaluate methods spanning deep learning, fine-grained forgery trace analysis, and foundation models. We formally define and empirically validate these dual gaps for the first time. Our work establishes a reproducible, generalizable PAD research paradigm, clarifies the technical evolution trajectory, identifies key research gaps, and proposes a forward-looking roadmap toward secure, robust, and globally applicable AI-PAD systems.

Remote identity verification is essential for modern digital security; however, it remains highly vulnerable to sophisticated Presentation Attacks (PAs) that utilise forged or manipulated identity documents. Although Deep Learning (DL) has driven advances in Presentation Attack Detection (PAD), the field is fundamentally limited by a lack of data and the poor generalisation of models across various document types and new attack methods. This article presents a systematic literature review (SLR) conducted in accordance with the PRISMA methodology, aiming to analyse and synthesise the current state of AI-based PAD for identity documents from 2020 to 2025 comprehensively. Our analysis reveals a significant methodological evolution: a transition from standard Convolutional Neural Networks (CNNs) to specialised forensic micro-artefact analysis, and more recently, the adoption of large-scale Foundation Models (FMs), marking a substantial shift in the field. We identify a central paradox that hinders progress: a critical"Reality Gap"exists between models validated on extensive, private datasets and those assessed using limited public datasets, which typically consist of mock-ups or synthetic data. This gap limits the reproducibility of research results. Additionally, we highlight a"Synthetic Utility Gap,"where synthetic data generation the primary academic response to data scarcity often fails to predict forensic utility. This can lead to model overfitting to generation artefacts instead of the actual attack. This review consolidates our findings, identifies critical research gaps, and provides a definitive reference framework that outlines a prescriptive roadmap for future research aimed at developing secure, robust, and globally generalizable PAD systems.