Fuzzy vault is a scheme providing secure authentication based on fuzzy matching of sets. A major application is the use of biometric features for authentication, whereby unencrypted storage of these features is not an option because of security concerns. While there is still ongoing research around the practical implementation of such schemes, we propose and analyze here an alternative construction based on subspace codes. This offers some advantages in terms of security, as an eventual discovery of the key does not provide an obvious access to the features. Crucial for an efficient implementation are the computational complexity and the choice of good code parameters. The parameters depend on the particular application, e.g. the biometric feature to be stored and the rate one wants to allow for false acceptance. The developed theory is closely linked to constructions of subspace codes studied in the area of random network coding.