Voice authentication systems (VAS) face increasingly sophisticated threats, including data poisoning, adversarial attacks, deepfakes, and adversarial spoofing. This paper introduces the first unified taxonomy to systematically analyze attack paradigms, benchmark datasets, evaluation metrics, and performance bottlenecks of VAS and countermeasure modules (CMs) from 2018–2024. Leveraging empirical analysis of speaker embedding vulnerabilities, we integrate adversarial sample generation, deepfake detection, and CM robustness evaluation to establish a comprehensive threat classification framework spanning the full attack chain. We rigorously assess state-of-the-art defense methods, identifying critical limitations: insufficient model generalization, poor cross-domain transferability, and lack of adaptability to dynamic attacks. Our findings provide both theoretical foundations and practical guidelines for developing next-generation VAS with enhanced security and robustness.

Voice authentication has undergone significant changes from traditional systems that relied on handcrafted acoustic features to deep learning models that can extract robust speaker embeddings. This advancement has expanded its applications across finance, smart devices, law enforcement, and beyond. However, as adoption has grown, so have the threats. This survey presents a comprehensive review of the modern threat landscape targeting Voice Authentication Systems (VAS) and Anti-Spoofing Countermeasures (CMs), including data poisoning, adversarial, deepfake, and adversarial spoofing attacks. We chronologically trace the development of voice authentication and examine how vulnerabilities have evolved in tandem with technological advancements. For each category of attack, we summarize methodologies, highlight commonly used datasets, compare performance and limitations, and organize existing literature using widely accepted taxonomies. By highlighting emerging risks and open challenges, this survey aims to support the development of more secure and resilient voice authentication systems.