Biometric authentication is getting increasingly popular and demands a wide range of solutions to against increasing cybercrimes and digital identity thefts. This paper proposes a new privacy-preserving cancelable biometric authentication key agreement scheme, which improves the existing authentication scheme based on ECC. We are going to integrate the fuzzy commitment and cancelable biometrics to guarantee the security for user’s biometric information. The cancelable biometrics named as the random distance method (RDM) which can generate non-invertible and privacy-preserving revocable pseudo-biometric identities. The proposed scheme realizes the mutual authentication of participants, and the privacy of biometric information and also can resist the vast majority of existing attacks. We use the widely accepted BPR adversary model to formally prove the safety features of our scheme. Further, the comparison of other existing related schemes shows that the performance of this scheme has greater advantages in terms of computation and communication costs. The experiments demonstrate that this scheme can achieves higher accuracy, while preserving biometric information privacy.