Cancellable biometrics is a biometric template protection method that generates a noninvertible identifier from the original biometric template by means of a parameterized transformation function and user/application-specific parameters such as token or password. However, the necessity to input additional factor besides biometrics, jeopardizes usability of the biometrics and security. In this paper, a one-factor cancellable biometrics scheme namely Extended Feature Vector (EFV) hashing, which requires sole biometric as input is proposed. The EFV hashing utilizes a permutated key that separated from the biometric data, to serve as identifier for matching. The crux that enables one-factor authentication in this scheme is the permutation seed of the key is derived from the biometric features of the user, but not from second factor as in existing schemes. The evaluations have been carried out with FVC 2002 and 2004 databases and attest the proposed method satisfies cancellable biometrics design criteria. We also analyze four privacy and security attacks that targeted to this scheme.