Biometric authenticators aim to provide a safe, secure, and accurate authentication process in restricted areas. Despite their advantages, biometric authenticators are vulnerable to cyber-attacks, such as spoofing attacks. Spoofing attacks enable malicious actors to masquerade as someone else to gain illegitimate access or privilege. To proceed, the attacker forges fake biometric data or duplicates existing ones. In such a context, the evaluation of the robustness of biometric authenticators is paramount to assessing their resilience potential and derive deployment strategies. Through this work, we propose a generic assessment method, based on a metric which quantifies the robustness of biometrics against cyber-attacks. Our methodology can be adapted to different families of cyber-attacks targeting biometric authentication techniques. We demonstrate our approach by considering spoofing-attacks. To achieve this objective, we present an extended state-of-the-art of biometrics (physiological and behavioural), including emerging biometric technologies. We also provide an overview of spoofing-attacks for each identified biometric mechanism in the literature. Based on this knowledge, we quantify and we combine the characteristics of such attacks into a quantitative robustness metric which can be applied to both a single and a combination of authenticators.