This paper proposes a robust biometric authentication scheme against replay attacks using one-time biometric templates. The method generates one-time, non-replayable biometric templates through a combination of deep learning, biohashing, and cryptographic hashing and symmetric encryption. The scheme is generic and can be applied to any biometric modality, including face and fingerprint. Biometric features are extracted using deep learning and then protected with biohashing, a cancelable biometric scheme. A cryptographic hashing and symmetric encryption step ensures the generation of a one-time, non-replayable template. The method is tested on two common biometric databases, from faces and fingerprints, and the results confirm its efficiency and robustness to attacks under a rigorous threat model. The proposed scheme meets several security and privacy requirements, including protection against replay attacks, revocability, unlinkability, and non-invertibility of biometric data. It is designed to be secure, privacy-compliant, and usable for user authentication. The scheme is implemented in a secure element (e.g., SIM card, TPM) to ensure end-to-end security of biometric data. The method is evaluated using two scenarios: a normal context where the impostor does not know the secret, and an attack context where the impostor knows the secret. The results show that the proposed method is highly effective in both scenarios, with high accuracy and low error rates. The scheme is also evaluated for the impact of BioCode size on performance and robustness, showing that larger BioCodes improve performance and robustness. The proposed method is compared with other works in the literature and is found to be effective in preventing replay attacks and ensuring the authenticity of biometric data. The scheme is also evaluated for its ability to handle different biometric modalities and its suitability for practical applications. The proposed method is a robust solution for user authentication that addresses the challenges of replay attacks and ensures the privacy and security of biometric data.This paper proposes a robust biometric authentication scheme against replay attacks using one-time biometric templates. The method generates one-time, non-replayable biometric templates through a combination of deep learning, biohashing, and cryptographic hashing and symmetric encryption. The scheme is generic and can be applied to any biometric modality, including face and fingerprint. Biometric features are extracted using deep learning and then protected with biohashing, a cancelable biometric scheme. A cryptographic hashing and symmetric encryption step ensures the generation of a one-time, non-replayable template. The method is tested on two common biometric databases, from faces and fingerprints, and the results confirm its efficiency and robustness to attacks under a rigorous threat model. The proposed scheme meets several security and privacy requirements, including protection against replay attacks, revocability, unlinkability, and non-invertibility of biometric data. It is designed to be secure, privacy-compliant, and usable for user authentication. The scheme is implemented in a secure element (e.g., SIM card, TPM) to ensure end-to-end security of biometric data. The method is evaluated using two scenarios: a normal context where the impostor does not know the secret, and an attack context where the impostor knows the secret. The results show that the proposed method is highly effective in both scenarios, with high accuracy and low error rates. The scheme is also evaluated for the impact of BioCode size on performance and robustness, showing that larger BioCodes improve performance and robustness. The proposed method is compared with other works in the literature and is found to be effective in preventing replay attacks and ensuring the authenticity of biometric data. The scheme is also evaluated for its ability to handle different biometric modalities and its suitability for practical applications. The proposed method is a robust solution for user authentication that addresses the challenges of replay attacks and ensures the privacy and security of biometric data.