diff --git a/app/controllers/concerns/idv/document_capture_concern.rb b/app/controllers/concerns/idv/document_capture_concern.rb index bbe1fea8b37..c9e5e7af77f 100644 --- a/app/controllers/concerns/idv/document_capture_concern.rb +++ b/app/controllers/concerns/idv/document_capture_concern.rb @@ -46,7 +46,7 @@ def stored_result end def selfie_requirement_met? - !resolved_authn_context_result.biometric_comparison? || + !resolved_authn_context_result.facial_match? || stored_result.selfie_check_performed? end diff --git a/app/controllers/concerns/idv_session_concern.rb b/app/controllers/concerns/idv_session_concern.rb index 8c47272811f..27346830ccb 100644 --- a/app/controllers/concerns/idv_session_concern.rb +++ b/app/controllers/concerns/idv_session_concern.rb @@ -17,7 +17,7 @@ def hybrid_session? end def idv_needed? - user_needs_biometric_comparison? || + user_needs_facial_match? || idv_session_user.active_profile.blank? || decorated_sp_session.requested_more_recent_verification? end @@ -59,8 +59,8 @@ def idv_session_user current_user end - def user_needs_biometric_comparison? - resolved_authn_context_result.biometric_comparison? && - !idv_session_user.identity_verified_with_biometric_comparison? + def user_needs_facial_match? + resolved_authn_context_result.facial_match? && + !idv_session_user.identity_verified_with_facial_match? end end diff --git a/app/controllers/concerns/idv_step_concern.rb b/app/controllers/concerns/idv_step_concern.rb index 2fd730152ad..ed417070ca7 100644 --- a/app/controllers/concerns/idv_step_concern.rb +++ b/app/controllers/concerns/idv_step_concern.rb @@ -108,7 +108,7 @@ def flow_policy def confirm_step_allowed # set it everytime, since user may switch SP - idv_session.selfie_check_required = resolved_authn_context_result.biometric_comparison? + idv_session.selfie_check_required = resolved_authn_context_result.facial_match? return if flow_policy.controller_allowed?(controller: self.class) redirect_to url_for_latest_step 
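Review bot: `user_needs_facial_match?` in idv_session_concern.rb is the third copy of the same step-up predicate. `facial_match_needed?` in openid_connect/authorization_controller.rb and in saml_idp_controller.rb has the same body and differs only in reading `current_user` instead of `idv_session_user`. This predicate decides whether a request asking for facial match is sent back through identity verification, so the copies should not be able to drift apart between protocols. Consider one shared method that takes the user, for example `def facial_match_needed_for?(user) = resolved_authn_context_result.facial_match? && !user.identity_verified_with_facial_match?`, called from all three places. Whether the three classes already share a concern that could host it is not visible in these hunks.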
diff --git a/app/controllers/idv/document_capture_controller.rb b/app/controllers/idv/document_capture_controller.rb index b6e456ce0d3..57f15a18acc 100644 --- a/app/controllers/idv/document_capture_controller.rb +++ b/app/controllers/idv/document_capture_controller.rb @@ -54,7 +54,7 @@ def extra_view_variables skip_doc_auth_from_how_to_verify: idv_session.skip_doc_auth_from_how_to_verify, skip_doc_auth_from_handoff: idv_session.skip_doc_auth_from_handoff, opted_in_to_in_person_proofing: idv_session.opted_in_to_in_person_proofing, - doc_auth_selfie_capture: resolved_authn_context_result.biometric_comparison?, + doc_auth_selfie_capture: resolved_authn_context_result.facial_match?, }.merge( acuant_sdk_upgrade_a_b_testing_variables, ) @@ -100,8 +100,8 @@ def analytics_arguments analytics_id: 'Doc Auth', redo_document_capture: idv_session.redo_document_capture, skip_hybrid_handoff: idv_session.skip_hybrid_handoff, - liveness_checking_required: resolved_authn_context_result.biometric_comparison?, - selfie_check_required: resolved_authn_context_result.biometric_comparison?, + liveness_checking_required: resolved_authn_context_result.facial_match?, + selfie_check_required: resolved_authn_context_result.facial_match?, }.merge(ab_test_analytics_buckets) end diff --git a/app/controllers/idv/hybrid_mobile/capture_complete_controller.rb b/app/controllers/idv/hybrid_mobile/capture_complete_controller.rb index 7b84e668ae6..e92a7a7fd84 100644 --- a/app/controllers/idv/hybrid_mobile/capture_complete_controller.rb +++ b/app/controllers/idv/hybrid_mobile/capture_complete_controller.rb @@ -24,7 +24,7 @@ def analytics_arguments flow_path: 'hybrid', step: 'capture_complete', analytics_id: 'Doc Auth', - liveness_checking_required: resolved_authn_context_result.biometric_comparison?, + liveness_checking_required: resolved_authn_context_result.facial_match?, }.merge(ab_test_analytics_buckets) end end 
diff --git a/app/controllers/idv/hybrid_mobile/document_capture_controller.rb b/app/controllers/idv/hybrid_mobile/document_capture_controller.rb index a939cb95929..e6cf6eb809c 100644 --- a/app/controllers/idv/hybrid_mobile/document_capture_controller.rb +++ b/app/controllers/idv/hybrid_mobile/document_capture_controller.rb @@ -45,7 +45,7 @@ def extra_view_variables mock_client: doc_auth_vendor == 'mock', document_capture_session_uuid: document_capture_session_uuid, failure_to_proof_url: return_to_sp_failure_to_proof_url(step: 'document_capture'), - doc_auth_selfie_capture: resolved_authn_context_result.biometric_comparison?, + doc_auth_selfie_capture: resolved_authn_context_result.facial_match?, }.merge( acuant_sdk_upgrade_a_b_testing_variables, ) @@ -58,8 +58,8 @@ def analytics_arguments flow_path: 'hybrid', step: 'document_capture', analytics_id: 'Doc Auth', - liveness_checking_required: resolved_authn_context_result.biometric_comparison?, - selfie_check_required: resolved_authn_context_result.biometric_comparison?, + liveness_checking_required: resolved_authn_context_result.facial_match?, + selfie_check_required: resolved_authn_context_result.facial_match?, }.merge( ab_test_analytics_buckets, ) diff --git a/app/controllers/idv/image_uploads_controller.rb b/app/controllers/idv/image_uploads_controller.rb index 6f453989985..01a2accfaaa 100644 --- a/app/controllers/idv/image_uploads_controller.rb +++ b/app/controllers/idv/image_uploads_controller.rb @@ -27,7 +27,7 @@ def image_upload_form service_provider: current_sp, analytics: analytics, uuid_prefix: current_sp&.app_id, - liveness_checking_required: resolved_authn_context_result.biometric_comparison?, + liveness_checking_required: resolved_authn_context_result.facial_match?, ) end end diff --git a/app/controllers/idv_controller.rb b/app/controllers/idv_controller.rb index 7d58f23a72a..3c6ea77f2b2 100644 --- a/app/controllers/idv_controller.rb +++ b/app/controllers/idv_controller.rb 
@@ -33,8 +33,8 @@ def activated private def already_verified? - if resolved_authn_context_result.biometric_comparison? - current_user.identity_verified_with_biometric_comparison? + if resolved_authn_context_result.facial_match? + current_user.identity_verified_with_facial_match? else current_user.active_profile.present? end diff --git a/app/controllers/openid_connect/authorization_controller.rb b/app/controllers/openid_connect/authorization_controller.rb index f792dd55ac6..930f7e25b42 100644 --- a/app/controllers/openid_connect/authorization_controller.rb +++ b/app/controllers/openid_connect/authorization_controller.rb @@ -31,7 +31,7 @@ def index return redirect_to reactivate_account_url if user_needs_to_reactivate_account? return redirect_to url_for_pending_profile_reason if user_has_pending_profile? return redirect_to idv_url if identity_needs_verification? - return redirect_to idv_url if biometric_comparison_needed? + return redirect_to idv_url if facial_match_needed? end return redirect_to sign_up_completed_url if needs_completion_screen_reason link_identity_to_service_provider @@ -140,9 +140,9 @@ def identity_needs_verification? decorated_sp_session.requested_more_recent_verification?) end - def biometric_comparison_needed? - resolved_authn_context_result.biometric_comparison? && - !current_user.identity_verified_with_biometric_comparison? + def facial_match_needed? + resolved_authn_context_result.facial_match? && + !current_user.identity_verified_with_facial_match? end def build_authorize_form_from_params diff --git a/app/controllers/saml_idp_controller.rb b/app/controllers/saml_idp_controller.rb index 012dd21a40e..b4278026379 100644 --- a/app/controllers/saml_idp_controller.rb +++ b/app/controllers/saml_idp_controller.rb 
@@ -37,7 +37,7 @@ def auth return redirect_to reactivate_account_url if user_needs_to_reactivate_account? return redirect_to url_for_pending_profile_reason if user_has_pending_profile? return redirect_to idv_url if identity_needs_verification? - return redirect_to idv_url if biometric_comparison_needed? + return redirect_to idv_url if facial_match_needed? end return redirect_to sign_up_completed_url if needs_completion_screen_reason if auth_count == 1 && first_visit_for_sp? @@ -113,9 +113,9 @@ def prompt_for_password_if_ial2_request_and_pii_locked redirect_to capture_password_url end - def biometric_comparison_needed? - resolved_authn_context_result.biometric_comparison? && - !current_user.identity_verified_with_biometric_comparison? + def facial_match_needed? + resolved_authn_context_result.facial_match? && + !current_user.identity_verified_with_facial_match? end def set_devise_failure_redirect_for_concurrent_session_logout diff --git a/app/forms/openid_connect_authorize_form.rb b/app/forms/openid_connect_authorize_form.rb index d8bc28b5a89..8123670c69e 100644 --- a/app/forms/openid_connect_authorize_form.rb +++ b/app/forms/openid_connect_authorize_form.rb @@ -312,7 +312,7 @@ def scopes def validate_privileges if (identity_proofing_requested? && !identity_proofing_service_provider?) || (ialmax_requested? && !ialmax_allowed_for_sp?) || - (biometric_ial_requested? && !service_provider.biometric_ial_allowed?) || + (facial_match_ial_requested? && !service_provider.facial_match_ial_allowed?) || (semantic_authn_contexts_requested? && !service_provider.semantic_authn_contexts_allowed?) errors.add( :acr_values, t('openid_connect.authorization.errors.no_auth'), 
@@ -351,8 +351,8 @@ def ialmax_requested? Saml::Idp::Constants::AUTHN_CONTEXT_CLASSREF_TO_IAL[ial_values.sort.max] == 0 end - def biometric_ial_requested? - ial_values.any? { |ial| Saml::Idp::Constants::BIOMETRIC_IAL_CONTEXTS.include? ial } + def facial_match_ial_requested? + ial_values.any? { |ial| Saml::Idp::Constants::FACIAL_MATCH_IAL_CONTEXTS.include? ial } end def highest_level_aal(aal_values) diff --git a/app/models/anonymous_user.rb b/app/models/anonymous_user.rb index 6d8bf199a73..0d5eb82b853 100644 --- a/app/models/anonymous_user.rb +++ b/app/models/anonymous_user.rb @@ -53,7 +53,7 @@ def locked_out? second_factor_locked_at.present? && !lockout_period_expired? end - def identity_verified_with_biometric_comparison? + def identity_verified_with_facial_match? false end diff --git a/app/models/profile.rb b/app/models/profile.rb index 12edabbee1e..fadcbf59571 100644 --- a/app/models/profile.rb +++ b/app/models/profile.rb @@ -94,7 +94,7 @@ def activate(reason_deactivated: nil) now = Time.zone.now profile_to_deactivate = Profile.find_by(user_id: user_id, active: true) is_reproof = profile_to_deactivate.present? - is_biometric_upgrade = is_reproof && biometric? && !profile_to_deactivate.biometric? + is_facial_match_upgrade = is_reproof && facial_match? && !profile_to_deactivate.facial_match? attrs = { active: true, @@ -107,7 +107,7 @@ def activate(reason_deactivated: nil) Profile.where(user_id: user_id).update_all(active: false) update!(attrs) end - track_biometric_reproof if is_biometric_upgrade + track_facial_match_reproof if is_facial_match_upgrade send_push_notifications if is_reproof end # rubocop:enable Rails/SkipsModelValidations @@ -309,8 +309,8 @@ def profile_age_in_seconds (Time.zone.now - created_at).round end - def biometric? - ::User::BIOMETRIC_COMPARISON_IDV_LEVELS.include?(idv_level) + def facial_match? + ::User::FACIAL_MATCH_IDV_LEVELS.include?(idv_level) end private 
@@ -341,7 +341,7 @@ def send_push_notifications PushNotification::HttpPush.deliver(event) end - def track_biometric_reproof + def track_facial_match_reproof SpUpgradedBiometricProfile.create( user: user, upgraded_at: Time.zone.now, diff --git a/app/models/service_provider.rb b/app/models/service_provider.rb index f448eeb7cd2..451ac70c440 100644 --- a/app/models/service_provider.rb +++ b/app/models/service_provider.rb @@ -78,7 +78,7 @@ def ialmax_allowed? IdentityConfig.store.allowed_ialmax_providers.include?(issuer) end - def biometric_ial_allowed? + def facial_match_ial_allowed? IdentityConfig.store.biometric_ial_enabled && IdentityConfig.store.allowed_biometric_ial_providers.include?(issuer) end diff --git a/app/models/user.rb b/app/models/user.rb index 6f645d9457c..a30109699c5 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -25,7 +25,7 @@ class User < ApplicationRecord MAX_RECENT_EVENTS = 5 MAX_RECENT_DEVICES = 5 - BIOMETRIC_COMPARISON_IDV_LEVELS = %w[unsupervised_with_selfie in_person].to_set.freeze + FACIAL_MATCH_IDV_LEVELS = %w[unsupervised_with_selfie in_person].to_set.freeze enum otp_delivery_preference: { sms: 0, voice: 1 } @@ -376,8 +376,8 @@ def identity_verified? active_profile.present? end - def identity_verified_with_biometric_comparison? - BIOMETRIC_COMPARISON_IDV_LEVELS.include?(active_profile&.idv_level) + def identity_verified_with_facial_match? + FACIAL_MATCH_IDV_LEVELS.include?(active_profile&.idv_level) end # This user's most recently activated profile that has also been deactivated diff --git a/app/policies/pending_profile_policy.rb b/app/policies/pending_profile_policy.rb index 1dabba35ef9..8eb1c9a58fd 100644 --- a/app/policies/pending_profile_policy.rb +++ b/app/policies/pending_profile_policy.rb 
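Review bot: `facial_match_ial_allowed?` in service_provider.rb still reads `IdentityConfig.store.biometric_ial_enabled` and `IdentityConfig.store.allowed_biometric_ial_providers`, so the method name and the settings that gate it no longer share a term. If the config keys are staying as they are (presumably so deployed configuration keeps working), say so at the method: `# Config keys keep their legacy "biometric" names; only the Ruby API was renamed.` Otherwise an operator searching the configuration for "facial_match" will not find the allowlist that controls which service providers may request it.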
@@ -9,8 +9,8 @@ def initialize(user:, resolved_authn_context_result:) def user_has_pending_profile? return false if user.blank? - if biometric_comparison_requested? - pending_biometric_profile? + if facial_match_requested? + pending_facial_match_profile? else pending_legacy_profile? || fraud_review_pending? end @@ -20,12 +20,12 @@ def user_has_pending_profile? attr_reader :user, :resolved_authn_context_result - def pending_biometric_profile? + def pending_facial_match_profile? user.pending_profile&.idv_level == 'unsupervised_with_selfie' end - def biometric_comparison_requested? - resolved_authn_context_result.biometric_comparison? + def facial_match_requested? + resolved_authn_context_result.facial_match? end def pending_legacy_profile? diff --git a/app/presenters/account_show_presenter.rb b/app/presenters/account_show_presenter.rb index dd559acc8cb..7f41a989887 100644 --- a/app/presenters/account_show_presenter.rb +++ b/app/presenters/account_show_presenter.rb @@ -9,7 +9,7 @@ class AccountShowPresenter :authn_context, :sp_name - delegate :identity_verified_with_biometric_comparison?, to: :user + delegate :identity_verified_with_facial_match?, to: :user def initialize( decrypted_pii:, @@ -54,7 +54,7 @@ def active_profile_for_authn_context? return @active_profile_for_authn_context if defined?(@active_profile_for_authn_context) @active_profile_for_authn_context = active_profile? && ( - !authn_context.biometric_comparison? || identity_verified_with_biometric_comparison? + !authn_context.facial_match? || identity_verified_with_facial_match? ) end @@ -78,7 +78,7 @@ def formatted_ipp_due_date I18n.l(user.pending_in_person_enrollment.due_date, format: :event_date) end - def formatted_nonbiometric_idv_date + def formatted_legacy_idv_date I18n.l(user.active_profile.created_at, format: :event_date) end diff --git a/app/presenters/idv/welcome_presenter.rb b/app/presenters/idv/welcome_presenter.rb index fbb2a65cbd9..c9a3c2c57b2 100644 
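Review bot: `pending_facial_match_profile?` in pending_profile_policy.rb compares against the literal `'unsupervised_with_selfie'`, while the rest of this commit treats both levels in `User::FACIAL_MATCH_IDV_LEVELS` (`unsupervised_with_selfie` and `in_person`) as facial match. If a pending `in_person` profile is meant to count here, the line should read `User::FACIAL_MATCH_IDV_LEVELS.include?(user.pending_profile&.idv_level)`. If it is deliberately excluded, a one-line comment saying why would stop a later reader from "fixing" it. The literal predates this commit, so this may be intended behaviour that only needs documenting.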
--- a/app/presenters/idv/welcome_presenter.rb +++ b/app/presenters/idv/welcome_presenter.rb @@ -22,10 +22,6 @@ def title t('doc_auth.headings.welcome', sp_name: sp_name) end - def selfie_required? - decorated_sp_session.biometric_comparison_required? - end - def explanation_text(help_link) if first_time_idv? t( diff --git a/app/services/authn_context_resolver.rb b/app/services/authn_context_resolver.rb index e50fb24268f..41328b496c1 100644 --- a/app/services/authn_context_resolver.rb +++ b/app/services/authn_context_resolver.rb @@ -22,7 +22,7 @@ def asserted_ial_acr return resolve_acr(Saml::Idp::Constants::IAL1_AUTHN_CONTEXT_CLASSREF) unless user&.identity_verified? - if result.biometric_comparison? + if result.facial_match? resolve_acr(Saml::Idp::Constants::IAL2_BIO_REQUIRED_AUTHN_CONTEXT_CLASSREF) elsif result.identity_proofing? || result.ialmax? @@ -35,10 +35,10 @@ def asserted_ial_acr private def selected_vtr_parser_result_from_vtr_list - if biometric_proofing_vot.present? && user&.identity_verified_with_biometric_comparison? - biometric_proofing_vot - elsif non_biometric_identity_proofing_vot.present? && user&.identity_verified? - non_biometric_identity_proofing_vot + if facial_match_proofing_vot.present? && user&.identity_verified_with_facial_match? + facial_match_proofing_vot + elsif non_facial_match_identity_proofing_vot.present? && user&.identity_verified? + non_facial_match_identity_proofing_vot elsif no_identity_proofing_vot.present? no_identity_proofing_vot else 
@@ -52,13 +52,13 @@ def parsed_vectors_of_trust end end - def biometric_proofing_vot - parsed_vectors_of_trust.find(&:biometric_comparison?) + def facial_match_proofing_vot + parsed_vectors_of_trust.find(&:facial_match?) end - def non_biometric_identity_proofing_vot + def non_facial_match_identity_proofing_vot parsed_vectors_of_trust.find do |vot_parser_result| - vot_parser_result.identity_proofing? && !vot_parser_result.biometric_comparison? + vot_parser_result.identity_proofing? && !vot_parser_result.facial_match? end end @@ -99,15 +99,15 @@ def result_with_sp_aal_defaults(result) end def decorate_acr_result_with_user_context(result) - return result unless result.biometric_comparison? + return result unless result.facial_match? - return result if user&.identity_verified_with_biometric_comparison? || - biometric_is_required?(result) + return result if user&.identity_verified_with_facial_match? || + facial_match_is_required?(result) if user&.identity_verified? - result.with(biometric_comparison?: false, two_pieces_of_fair_evidence?: false) + result.with(facial_match?: false, two_pieces_of_fair_evidence?: false) else - result.with(biometric_comparison?: true) + result.with(facial_match?: true) end end @@ -139,8 +139,8 @@ def resolve_acr(acr) Saml::Idp::Constants::LEGACY_ACRS_TO_SEMANTIC_ACRS.fetch(acr, default_value: acr) end - def biometric_is_required?(result) - Saml::Idp::Constants::BIOMETRIC_REQUIRED_IAL_CONTEXTS.intersect?(result.component_names) + def facial_match_is_required?(result) + Saml::Idp::Constants::FACIAL_MATCH_REQUIRED_IAL_CONTEXTS.intersect?(result.component_names) end def use_semantic_authn_contexts? diff --git a/app/services/id_token_builder.rb b/app/services/id_token_builder.rb index 7ba17d7c458..077cb262ed3 100644 --- a/app/services/id_token_builder.rb +++ b/app/services/id_token_builder.rb 
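Review bot: In `decorate_acr_result_with_user_context` the final branch `result.with(facial_match?: true)` cannot change the flag, because the guard at the top has already returned for every result where `facial_match?` is false; returning `result` would say the same thing more plainly. This method is also where a facial-match-preferred request is downgraded for a user verified without facial match, and it carries no comment. I would add above it: `# Facial match preferred: users verified without facial match are downgraded to plain identity proofing; everyone else keeps the facial match requirement.`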
@@ -64,7 +64,7 @@ def timestamp_claims def acr return nil unless identity.acr_values.present? - if resolved_authn_context_result.biometric_comparison? + if resolved_authn_context_result.facial_match? Vot::AcrComponentValues::IAL2_BIO_REQUIRED.name elsif resolved_authn_context_result.ialmax? determine_ial_max_acr.name diff --git a/app/services/saml_request_validator.rb b/app/services/saml_request_validator.rb index 7b072c5e525..cf08513247d 100644 --- a/app/services/saml_request_validator.rb +++ b/app/services/saml_request_validator.rb @@ -61,7 +61,7 @@ def authorized_authn_context if !valid_authn_context? || (identity_proofing_requested? && !service_provider.identity_proofing_allowed?) || (ial_max_requested? && !service_provider.ialmax_allowed?) || - (biometric_ial_requested? && !service_provider.biometric_ial_allowed?) || + (biometric_ial_requested? && !service_provider.facial_match_ial_allowed?) || (semantic_authn_contexts_requested? && !service_provider.semantic_authn_contexts_allowed?) errors.add(:authn_context, :unauthorized_authn_context, type: :unauthorized_authn_context) end @@ -117,7 +117,7 @@ def ial_max_requested? end def biometric_ial_requested? - Array(authn_context).any? { |ial| Saml::Idp::Constants::BIOMETRIC_IAL_CONTEXTS.include? ial } + Array(authn_context).any? { |ial| Saml::Idp::Constants::FACIAL_MATCH_IAL_CONTEXTS.include? ial } end def semantic_authn_contexts_requested? diff --git a/app/services/vot/acr_component_values.rb b/app/services/vot/acr_component_values.rb index a10ebee50e6..ad58dbe2183 100644 --- a/app/services/vot/acr_component_values.rb +++ b/app/services/vot/acr_component_values.rb 
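Review bot: `SamlRequestValidator` keeps the name `biometric_ial_requested?` in both hunks of saml_request_validator.rb, although it now checks `FACIAL_MATCH_IAL_CONTEXTS` and is paired with `service_provider.facial_match_ial_allowed?`. The equivalent check in openid_connect_authorize_form.rb was renamed to `facial_match_ial_requested?`. These are the two protocol entry points for the same service-provider authorization check, so parallel names make them easier to audit side by side. Suggest `def facial_match_ial_requested?` here and `(facial_match_ial_requested? && !service_provider.facial_match_ial_allowed?) ||` in `authorized_authn_context`. Both methods extend beyond the hunks shown.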
@@ -29,17 +29,17 @@ module AcrComponentValues ).freeze IAL2_BIO_REQUIRED = ComponentValue.new( name: Saml::Idp::Constants::IAL2_BIO_REQUIRED_AUTHN_CONTEXT_CLASSREF, - description: 'IAL2 - require identity proofing with biometric comparison (NIST SP 800-63-3)', + description: 'IAL2 - Interm value. Require id proofing with facial match (NIST SP 800-63-3)', implied_component_values: [], - requirements: [:aal2, :identity_proofing, :biometric_comparison, + requirements: [:aal2, :identity_proofing, :facial_match, :two_pieces_of_fair_evidence], ).freeze IAL2_BIO_PREFERRED = ComponentValue.new( name: Saml::Idp::Constants::IAL2_BIO_PREFERRED_AUTHN_CONTEXT_CLASSREF, description: - 'IAL2 - use identity proofing with biometric comparison if completed (NIST SP 800-63-3)', + 'IAL2 - Interim value. Use id proofing with facial match if completed (NIST SP 800-63-3)', implied_component_values: [], - requirements: [:aal2, :identity_proofing, :biometric_comparison, + requirements: [:aal2, :identity_proofing, :facial_match, :two_pieces_of_fair_evidence], ).freeze IALMAX = ComponentValue.new( 
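Review bot: The new `IAL2_BIO_REQUIRED` description reads `Interm value`, while `IAL2_BIO_PREFERRED` a few lines below has `Interim value`. It should be `description: 'IAL2 - Interim value. Require id proofing with facial match (NIST SP 800-63-3)',`. The surrounding `AcrComponentValues` module starts and ends outside the hunk.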
@@ -57,22 +57,22 @@ module AcrComponentValues ).freeze IAL_VERIFIED = ComponentValue.new( name: Saml::Idp::Constants::IAL_VERIFIED_ACR, - description: 'IAL2 - basic identity proofing, no biometrics (NIST SP 800-63-3)', + description: 'IAL2 - basic identity proofing, no facial match (NIST SP 800-63-3)', implied_component_values: [], requirements: [:aal2, :identity_proofing], ).freeze IAL_VERIFIED_FACIAL_MATCH_PREFERRED = ComponentValue.new( name: Saml::Idp::Constants::IAL_VERIFIED_FACIAL_MATCH_PREFERRED_ACR, - description: 'IAL2 - biometric-verified identity used if available (NIST SP 800-63-3)', + description: 'IAL2 - facial-match verified identity used if available (NIST SP 800-63-3)', implied_component_values: [], - requirements: [:aal2, :identity_proofing, :biometric_comparison, + requirements: [:aal2, :identity_proofing, :facial_match, :two_pieces_of_fair_evidence], ).freeze IAL_VERIFIED_FACIAL_MATCH_REQUIRED = ComponentValue.new( name: Saml::Idp::Constants::IAL_VERIFIED_FACIAL_MATCH_REQUIRED_ACR, description: 'IAL2 - require identity-proofing using facial match (NIST SP 800-63-3)', implied_component_values: [], - requirements: [:aal2, :identity_proofing, :biometric_comparison, + requirements: [:aal2, :identity_proofing, :facial_match, :two_pieces_of_fair_evidence], ).freeze diff --git a/app/services/vot/parser.rb b/app/services/vot/parser.rb index 94e54c2b4ef..3f135fad867 100644 --- a/app/services/vot/parser.rb +++ b/app/services/vot/parser.rb @@ -15,7 +15,7 @@ class DuplicateComponentsException < ParseException; end :phishing_resistant?, :hspd12?, :identity_proofing?, - :biometric_comparison?, + :facial_match?, :two_pieces_of_fair_evidence?, :ialmax?, :enhanced_ipp?, @@ -28,7 +28,7 @@ def self.no_sp_result phishing_resistant?: false, hspd12?: false, identity_proofing?: false, - biometric_comparison?: false, + facial_match?: false, two_pieces_of_fair_evidence?: false, ialmax?: false, enhanced_ipp?: false, 
@@ -71,7 +71,7 @@ def parse phishing_resistant?: requirement_list.include?(:phishing_resistant), hspd12?: requirement_list.include?(:hspd12), identity_proofing?: requirement_list.include?(:identity_proofing), - biometric_comparison?: requirement_list.include?(:biometric_comparison), + facial_match?: requirement_list.include?(:facial_match), two_pieces_of_fair_evidence?: requirement_list.include?(:two_pieces_of_fair_evidence), ialmax?: requirement_list.include?(:ialmax), enhanced_ipp?: requirement_list.include?(:enhanced_ipp), diff --git a/app/services/vot/supported_component_values.rb b/app/services/vot/supported_component_values.rb index 0ea2bf14b66..01c4edd7825 100644 --- a/app/services/vot/supported_component_values.rb +++ b/app/services/vot/supported_component_values.rb @@ -36,7 +36,7 @@ module SupportedComponentValues name: 'Pb', description: 'A biometric comparison is required as part of identity proofing', implied_component_values: ['P1'], - requirements: [:biometric_comparison, :two_pieces_of_fair_evidence], + requirements: [:facial_match, :two_pieces_of_fair_evidence], ).freeze Pe = ComponentValue.new( name: 'Pe', diff --git a/app/views/accounts/_identity_verification.html.erb b/app/views/accounts/_identity_verification.html.erb index 5ef2ebd5f60..0b2c6c5e4c5 100644 --- a/app/views/accounts/_identity_verification.html.erb +++ b/app/views/accounts/_identity_verification.html.erb @@ -4,7 +4,7 @@
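Review bot: In supported_component_values.rb the `Pb` component now lists `:facial_match` in `requirements`, but its `description` on the line above still says `'A biometric comparison is required as part of identity proofing'`. For consistency with the ACR descriptions updated elsewhere in this commit, consider `description: 'A facial match is required as part of identity proofing',`. Where this description is surfaced is not visible here, so check for callers or specs that match on the old text before changing it.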
<% if @presenter.active_profile_for_authn_context? %> - <% if @presenter.identity_verified_with_biometric_comparison? %> + <% if @presenter.identity_verified_with_facial_match? %> <%= t('account.index.verification.you_verified_your_biometric_identity', app_name: APP_NAME) %> <% else %> <%= t('account.index.verification.you_verified_your_identity_html', sp_name: @presenter.user.active_profile.initiating_service_provider&.friendly_name || APP_NAME) %> <% end %> <% elsif @presenter.active_profile? %> - <%= t('account.index.verification.nonbiometric_verified_html', app_name: APP_NAME, date: @presenter.formatted_nonbiometric_idv_date) %> + <%= t('account.index.verification.nonbiometric_verified_html', app_name: APP_NAME, date: @presenter.formatted_legacy_idv_date) %> <% elsif @presenter.sp_name || @presenter.user.pending_profile.initiating_service_provider %> <%= t('account.index.verification.finish_verifying_html', sp_name: @presenter.sp_name || @presenter.user.pending_profile.initiating_service_provider.friendly_name) %> <% else %> diff --git a/lib/saml_idp_constants.rb b/lib/saml_idp_constants.rb index d8f4902fcd5..67a738998a8 100644 --- a/lib/saml_idp_constants.rb +++ b/lib/saml_idp_constants.rb @@ -50,20 +50,20 @@ module Constants IdentityConfig.store.valid_authn_contexts end).freeze - BIOMETRIC_IAL_CONTEXTS = [ + FACIAL_MATCH_IAL_CONTEXTS = [ IAL_VERIFIED_FACIAL_MATCH_REQUIRED_ACR, IAL_VERIFIED_FACIAL_MATCH_PREFERRED_ACR, IAL2_BIO_REQUIRED_AUTHN_CONTEXT_CLASSREF, IAL2_BIO_PREFERRED_AUTHN_CONTEXT_CLASSREF, ].freeze - BIOMETRIC_REQUIRED_IAL_CONTEXTS = [ + FACIAL_MATCH_REQUIRED_IAL_CONTEXTS = [ IAL_VERIFIED_FACIAL_MATCH_REQUIRED_ACR, IAL2_BIO_REQUIRED_AUTHN_CONTEXT_CLASSREF, ].freeze IAL2_AUTHN_CONTEXTS = [ - *BIOMETRIC_IAL_CONTEXTS, + *FACIAL_MATCH_IAL_CONTEXTS, IAL_VERIFIED_ACR, IAL2_AUTHN_CONTEXT_CLASSREF, LOA3_AUTHN_CONTEXT_CLASSREF, 
diff --git a/spec/controllers/account_reset/delete_account_controller_spec.rb b/spec/controllers/account_reset/delete_account_controller_spec.rb index 90b86b874db..2d5702daf03 100644 --- a/spec/controllers/account_reset/delete_account_controller_spec.rb +++ b/spec/controllers/account_reset/delete_account_controller_spec.rb @@ -126,7 +126,7 @@ ) end - it 'logs info about user biometrically verified account' do + it 'logs info about user facial matched verified account' do user = create( :user, :proofed_with_selfie, :with_phone ) diff --git a/spec/controllers/concerns/idv/document_capture_concern_spec.rb b/spec/controllers/concerns/idv/document_capture_concern_spec.rb index 6010aa4511f..d8e6ddae2dc 100644 --- a/spec/controllers/concerns/idv/document_capture_concern_spec.rb +++ b/spec/controllers/concerns/idv/document_capture_concern_spec.rb @@ -27,7 +27,7 @@ def show allow(controller).to receive(:resolved_authn_context_result).and_return(resolution_result) end - context 'SP requires biometric_comparison' do + context 'SP requires facial_match' do let(:vot) { 'Pb' } context 'selfie check performed' do @@ -47,7 +47,7 @@ def show end end - context 'SP does not require biometric_comparison' do + context 'SP does not require facial_match' do let(:vot) { 'P1' } context 'selfie check performed' do diff --git a/spec/controllers/idv_controller_spec.rb b/spec/controllers/idv_controller_spec.rb index 2d8b55609f4..031d560253c 100644 --- a/spec/controllers/idv_controller_spec.rb +++ b/spec/controllers/idv_controller_spec.rb @@ -56,12 +56,12 @@ expect(response).to redirect_to idv_activated_url end - context 'but user needs to redo idv with biometric' do + context 'but user needs to redo idv with facial match' do let(:current_sp) { create(:service_provider) } before do session[:sp] = - { issuer: current_sp.issuer, vtr: ['C2.Pb'], biometric_comparison_required: true } + { issuer: current_sp.issuer, vtr: ['C2.Pb'] } end it 'redirects to welcome' do 
diff --git a/spec/controllers/openid_connect/authorization_controller_spec.rb b/spec/controllers/openid_connect/authorization_controller_spec.rb index 5e5049bd526..16686795bc6 100644 --- a/spec/controllers/openid_connect/authorization_controller_spec.rb +++ b/spec/controllers/openid_connect/authorization_controller_spec.rb @@ -403,7 +403,7 @@ ) end - context 'SP requests biometric_comparison_required' do + context 'SP requests required facial match' do let(:vtr) { ['Pb'].to_json } before do @@ -433,7 +433,7 @@ end end - context 'selfie capture not enabled, biometric comparison not required' do + context 'selfie capture not enabled, facial match comparison not required' do let(:vtr) { ['P1'].to_json } it 'redirects to the service provider' do @@ -443,7 +443,7 @@ end end - context 'SP has a vector of trust that includes a biometric comparison' do + context 'SP has a vector of trust that includes a facial match comparison' do let(:acr_values) { nil } let(:vtr) { ['Pb'].to_json } @@ -475,7 +475,7 @@ end end - context 'biometric comparison was performed in-person' do + context 'facial match comparison was performed in-person' do it 'redirects to the redirect_uri immediately when pii is unlocked if client-side redirect is disabled' do user.active_profile.idv_level = :in_person @@ -487,7 +487,7 @@ end end - context 'verified non-biometric profile with pending biometric profile' do + context 'verified non-facial match profile with pending facial match profile' do before do allow(IdentityConfig.store).to receive(:openid_connect_redirect). and_return('server_side') @@ -498,7 +498,7 @@ allow(controller).to receive(:pii_requested_but_locked?).and_return(false) end - context 'sp does not request biometrics' do + context 'sp does not request facial match' do let(:user) { create(:profile, :active, :verified).user } it 'redirects to the redirect_uri immediately when pii is unlocked if client-side redirect is disabled' do 
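Review bot: Several renamed example descriptions in this spec now read "facial match comparison", which looks like a mechanical replacement of "biometric" rather than intended wording. Examples are `'selfie capture not enabled, facial match comparison not required'`, `'SP has a vector of trust that includes a facial match comparison'` and `'facial match comparison was performed in-person'`. The same strings recur in the second group of hunks from `@@ -1355` onward. Plain "facial match" reads better, e.g. `context 'selfie capture not enabled, facial match not required' do`.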
@@ -520,7 +520,7 @@ end end - context 'sp requests biometrics' do + context 'sp requests facial match' do let(:user) { create(:profile, :active, :verified).user } let(:vtr) { ['C1.C2.P1.Pb'].to_json } @@ -1325,7 +1325,7 @@ ) end - context 'SP requests biometric_comparison_required' do + context 'SP requests required facial match' do let(:vtr) { ['Pb'].to_json } before do @@ -1355,7 +1355,7 @@ end end - context 'selfie capture not enabled, biometric comparison not required' do + context 'selfie capture not enabled, facial match comparison not required' do let(:vtr) { ['P1'].to_json } it 'redirects to the service provider' do @@ -1365,7 +1365,7 @@ end end - context 'SP has a vector of trust that includes a biometric comparison' do + context 'SP has a vector of trust that includes a facial match comparison' do let(:acr_values) { nil } let(:vtr) { ['Pb'].to_json } @@ -1397,7 +1397,7 @@ end end - context 'biometric comparison was performed in-person' do + context 'facial match comparison was performed in-person' do it 'redirects to the redirect_uri immediately when pii is unlocked if client-side redirect is disabled' do user.active_profile.idv_level = :in_person @@ -1409,7 +1409,7 @@ end end - context 'verified non-biometric profile with pending biometric profile' do + context 'verified non-facial match profile with pending facial match profile' do before do allow(IdentityConfig.store).to receive(:openid_connect_redirect). and_return('server_side') @@ -1420,7 +1420,7 @@ allow(controller).to receive(:pii_requested_but_locked?).and_return(false) end - context 'sp does not request biometrics' do + context 'sp does not request facial match' do let(:user) { create(:profile, :active, :verified).user } it 'redirects to the redirect_uri immediately when pii is unlocked if client-side redirect is disabled' do 
@@ -1442,7 +1442,7 @@ end end - context 'sp requests biometrics' do + context 'sp requests facial match' do let(:user) { create(:profile, :active, :verified).user } let(:vtr) { ['C1.C2.P1.Pb'].to_json } diff --git a/spec/controllers/saml_idp_controller_spec.rb b/spec/controllers/saml_idp_controller_spec.rb index dba27b7a034..5a19104dccb 100644 --- a/spec/controllers/saml_idp_controller_spec.rb +++ b/spec/controllers/saml_idp_controller_spec.rb @@ -570,7 +570,7 @@ def name_id_version(format_urn) end end - context 'the request requires identity proofing with a biometric' do + context 'the request requires identity proofing with a facial match' do let(:vtr_settings) do saml_settings( overrides: { @@ -595,18 +595,18 @@ def name_id_version(format_urn) ) end - context 'the user has proofed without a biometric check' do + context 'the user has proofed without a facial match check' do before do user.active_profile.update!(idv_level: :legacy_unsupervised) end - it 'redirects to identity proofing for a user who is verified without a biometric' do + it 'redirects to identity proofing for a user who is verified without a facial match' do saml_get_auth(vtr_settings) expect(response).to redirect_to(idv_url) expect(controller.session[:sp][:vtr]).to eq(['C1.C2.P1.Pb']) end - context 'user has a pending biometric profile' do + context 'user has a pending facial match profile' do let(:vtr_settings) do saml_settings( overrides: { @@ -616,7 +616,7 @@ def name_id_version(format_urn) ) end - it 'does not redirect to proofing if sp does not request biometrics' do + it 'does not redirect to proofing if sp does not request facial match' do create( :profile, :verify_by_mail_pending, @@ -645,7 +645,7 @@ def name_id_version(format_urn) end end - context 'the user has proofed with a biometric check remotely' do + context 'the user has proofed with a facial match check remotely' do before do user.active_profile.update!(idv_level: :unsupervised_with_selfie) end 
@@ -657,7 +657,7 @@ def name_id_version(format_urn) end end - context 'the user has proofed with a biometric check in-person' do + context 'the user has proofed with a facial match check in-person' do before do user.active_profile.update!(idv_level: :in_person) end diff --git a/spec/factories/profiles.rb b/spec/factories/profiles.rb index f39daca07a9..66eead40d4c 100644 --- a/spec/factories/profiles.rb +++ b/spec/factories/profiles.rb @@ -79,7 +79,7 @@ end end - trait :biometric_proof do + trait :facial_match_proof do idv_level { :in_person } initiating_service_provider_issuer { 'urn:gov:gsa:openidconnect:inactive:sp:test' } end diff --git a/spec/features/idv/analytics_spec.rb b/spec/features/idv/analytics_spec.rb index 5e3f1f61b70..bd0d1cdb1b3 100644 --- a/spec/features/idv/analytics_spec.rb +++ b/spec/features/idv/analytics_spec.rb @@ -1055,7 +1055,7 @@ def wait_for_event(event, wait) perform_in_browser(:desktop) do sign_in_and_2fa_user(user) - visit_idp_from_sp_with_ial2(:oidc, biometric_comparison_required: true) + visit_idp_from_sp_with_ial2(:oidc, facial_match_required: true) complete_doc_auth_steps_before_document_capture_step attach_images attach_selfie @@ -1110,13 +1110,13 @@ def wait_for_event(event, wait) before do allow(IdentityConfig.store).to receive(:doc_auth_separate_pages_enabled).and_return(true) allow_any_instance_of(FederatedProtocols::Oidc). - to receive(:biometric_comparison_required?). + to receive(:facial_match_required?). and_return(true) allow_any_instance_of(DocAuth::Response).to receive(:selfie_status).and_return(:success) perform_in_browser(:desktop) do sign_in_and_2fa_user(user) - visit_idp_from_sp_with_ial2(:oidc, biometric_comparison_required: true) + visit_idp_from_sp_with_ial2(:oidc, facial_match_required: true) complete_doc_auth_steps_before_document_capture_step attach_images continue_doc_auth_form 
diff --git a/spec/features/idv/doc_auth/document_capture_spec.rb b/spec/features/idv/doc_auth/document_capture_spec.rb index 71e0b3a1299..7b488a6fda0 100644 --- a/spec/features/idv/doc_auth/document_capture_spec.rb +++ b/spec/features/idv/doc_auth/document_capture_spec.rb @@ -179,7 +179,7 @@ context 'with a passing selfie' do it 'proceeds to the next page with valid info, including a selfie image' do perform_in_browser(:mobile) do - visit_idp_from_oidc_sp_with_ial2(biometric_comparison_required: true) + visit_idp_from_oidc_sp_with_ial2(facial_match_required: true) sign_in_and_2fa_user(@user) complete_doc_auth_steps_before_document_capture_step @@ -326,11 +326,11 @@ visit_idp_from_sp_with_ial2( :oidc, **{ client_id: ipp_service_provider.issuer, - biometric_comparison_required: true }, + facial_match_required: true }, ) sign_in_and_2fa_user(@user) complete_up_to_how_to_verify_step_for_opt_in_ipp( - biometric_comparison_required: true, + facial_match_required: true, ) complete_verify_step end @@ -343,7 +343,7 @@ before do allow(IdentityConfig.store).to receive(:doc_auth_max_attempts).and_return(99) perform_in_browser(:mobile) do - visit_idp_from_oidc_sp_with_ial2(biometric_comparison_required: true) + visit_idp_from_oidc_sp_with_ial2(facial_match_required: true) sign_in_and_2fa_user(@user) complete_doc_auth_steps_before_document_capture_step end @@ -399,7 +399,7 @@ describe 'when desktop selfie not allowed' do it 'can only proceed to link sent page' do perform_in_browser(:desktop) do - visit_idp_from_oidc_sp_with_ial2(biometric_comparison_required: true) + visit_idp_from_oidc_sp_with_ial2(facial_match_required: true) sign_in_and_2fa_user(@user) complete_doc_auth_steps_before_hybrid_handoff_step # we still have option to continue 
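Review bot: A call site that still passes the old key could silently run without the selfie requirement if any of the helpers taking `facial_match_required:` accepts a catch-all options hash, and the spec could keep passing. Those helpers (`visit_idp_from_sp_with_ial2`, `visit_idp_from_oidc_sp_with_ial2`, `complete_up_to_how_to_verify_step_for_opt_in_ipp`) are defined outside this section, so whether they reject unknown keywords cannot be seen here. Declaring `facial_match_required:` as an explicit keyword in each helper would make a missed rename raise `ArgumentError`. Separately, the `**{ ... }` wrapper in the hunk at -326 adds nothing over plain keywords: `visit_idp_from_sp_with_ial2(:oidc, client_id: ipp_service_provider.issuer, facial_match_required: true)`. The same wrapper recurs at -637 in this file and in how_to_verify_spec.rb and hybrid_handoff_spec.rb.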
@@ -418,7 +418,7 @@ it 'proceed to the next page with valid info, including a selfie image' do perform_in_browser(:desktop) do - visit_idp_from_oidc_sp_with_ial2(biometric_comparison_required: true) + visit_idp_from_oidc_sp_with_ial2(facial_match_required: true) sign_in_and_2fa_user(@user) complete_doc_auth_steps_before_hybrid_handoff_step # we still have option to continue on handoff, since it's desktop no skip_hand_off @@ -461,7 +461,7 @@ describe 'when ipp is selected' do it 'proceed to the next page and start ipp' do perform_in_browser(:desktop) do - visit_idp_from_oidc_sp_with_ial2(biometric_comparison_required: true) + visit_idp_from_oidc_sp_with_ial2(facial_match_required: true) sign_in_and_2fa_user(@user) complete_doc_auth_steps_before_hybrid_handoff_step # we still have option to continue on handoff, since it's desktop no skip_hand_off @@ -489,7 +489,7 @@ allow(IdentityConfig.store).to receive(:use_vot_in_sp_requests).and_return(true) allow(IdentityConfig.store).to receive(:doc_auth_selfie_capture_enabled).and_return(true) allow(IdentityConfig.store).to receive(:doc_auth_separate_pages_enabled).and_return(true) - visit_idp_from_oidc_sp_with_ial2(biometric_comparison_required: true) + visit_idp_from_oidc_sp_with_ial2(facial_match_required: true) sign_in_and_2fa_user(@user) complete_doc_auth_steps_before_document_capture_step end @@ -622,7 +622,7 @@ def costing_for(cost_type) context 'before handoff page' do let(:sp_ipp_enabled) { true } let(:in_person_proofing_opt_in_enabled) { true } - let(:biometric_comparison_required) { true } + let(:facial_match_required) { true } let(:user) { user_with_2fa } before do @@ -637,7 +637,7 @@ def costing_for(cost_type) visit_idp_from_sp_with_ial2( :oidc, **{ client_id: service_provider.issuer, - biometric_comparison_required: biometric_comparison_required }, + facial_match_required: facial_match_required }, ) sign_in_via_branded_page(user) complete_doc_auth_steps_before_agreement_step 
@@ -652,7 +652,7 @@ def costing_for(cost_type) end context 'when selfie is disabled' do - let(:biometric_comparison_required) { false } + let(:facial_match_required) { false } it 'redirects back to agreement page' do expect(page).to have_current_path(idv_agreement_path) diff --git a/spec/features/idv/doc_auth/how_to_verify_spec.rb b/spec/features/idv/doc_auth/how_to_verify_spec.rb index 5de62644584..24a5fb5778a 100644 --- a/spec/features/idv/doc_auth/how_to_verify_spec.rb +++ b/spec/features/idv/doc_auth/how_to_verify_spec.rb @@ -10,7 +10,7 @@ let(:in_person_proofing_enabled) { true } let(:in_person_proofing_opt_in_enabled) { false } let(:service_provider_in_person_proofing_enabled) { true } - let(:biometric_comparison_required) { false } + let(:facial_match_required) { false } before do allow(IdentityConfig.store).to receive(:in_person_proofing_enabled) { in_person_proofing_enabled @@ -22,7 +22,7 @@ and_return(service_provider_in_person_proofing_enabled) visit_idp_from_sp_with_ial2( :oidc, **{ client_id: ipp_service_provider.issuer, - biometric_comparison_required: biometric_comparison_required } + facial_match_required: facial_match_required } ) sign_in_via_branded_page(user) complete_doc_auth_steps_before_agreement_step @@ -105,7 +105,7 @@ context 'when selfie is enabled' do include InPersonHelper - let(:biometric_comparison_required) { false } + let(:facial_match_required) { false } it 'goes to direct IPP if selected and can come back' do expect(page).to have_current_path(idv_how_to_verify_path) diff --git a/spec/features/idv/doc_auth/hybrid_handoff_spec.rb b/spec/features/idv/doc_auth/hybrid_handoff_spec.rb index 075ede1f608..5b0192506d0 100644 --- a/spec/features/idv/doc_auth/hybrid_handoff_spec.rb +++ b/spec/features/idv/doc_auth/hybrid_handoff_spec.rb 
@@ -10,11 +10,11 @@ let(:idv_send_link_attempt_window_in_minutes) do IdentityConfig.store.idv_send_link_attempt_window_in_minutes end - let(:biometric_comparison_required) { false } + let(:facial_match_required) { false } before do - if biometric_comparison_required - visit_idp_from_oidc_sp_with_ial2(biometric_comparison_required: biometric_comparison_required) + if facial_match_required + visit_idp_from_oidc_sp_with_ial2(facial_match_required: facial_match_required) end sign_in_and_2fa_user allow_any_instance_of(ApplicationController).to receive(:analytics).and_return(fake_analytics) @@ -198,7 +198,7 @@ end describe 'when selfie is required by sp' do - let(:biometric_comparison_required) { true } + let(:facial_match_required) { true } it 'has expected UI elements' do mobile_form = find('#form-to-submit-photos-through-mobile') expect(mobile_form).to have_name(t('forms.buttons.send_link')) @@ -241,7 +241,7 @@ end describe 'when selfie is not required by sp' do - let(:biometric_comparison_required) { false } + let(:facial_match_required) { false } it 'has expected UI elements' do mobile_form = find('#form-to-submit-photos-through-mobile') desktop_form = find('#form-to-submit-photos-through-desktop') @@ -319,7 +319,7 @@ def verify_no_upload_photos_section_and_link(page) let(:in_person_proofing_enabled) { true } let(:sp_ipp_enabled) { true } let(:in_person_proofing_opt_in_enabled) { true } - let(:biometric_comparison_required) { true } + let(:facial_match_required) { true } let(:user) { user_with_2fa } before do @@ -340,7 +340,7 @@ def verify_no_upload_photos_section_and_link(page) visit_idp_from_sp_with_ial2( :oidc, **{ client_id: service_provider.issuer, - biometric_comparison_required: biometric_comparison_required }, + facial_match_required: facial_match_required }, ) sign_in_via_branded_page(user) complete_doc_auth_steps_before_agreement_step 
@@ -363,7 +363,7 @@ def verify_no_upload_photos_section_and_link(page) end end describe 'when selfie is not required by sp' do - let(:biometric_comparison_required) { false } + let(:facial_match_required) { false } before do click_on t('forms.buttons.continue_remote') end @@ -378,7 +378,7 @@ def verify_no_upload_photos_section_and_link(page) context 'when sp ipp is not available' do let(:sp_ipp_enabled) { false } describe 'when selfie is required by sp' do - let(:biometric_comparison_required) { true } + let(:facial_match_required) { true } it 'shows selfie version of top content, no ipp option section, no upload section' do verify_handoff_page_selfie_version_content(page) @@ -387,7 +387,7 @@ def verify_no_upload_photos_section_and_link(page) end end describe 'when selfie is not required by sp' do - let(:biometric_comparison_required) { false } + let(:facial_match_required) { false } it 'shows non selfie version of top content and upload section, no ipp option section' do verify_handoff_page_non_selfie_version_content(page) @@ -404,7 +404,7 @@ def verify_no_upload_photos_section_and_link(page) let(:sp_ipp_enabled) { false } describe 'when selfie is required by sp' do - let(:biometric_comparison_required) { true } + let(:facial_match_required) { true } it 'shows selfie version of top content, no upload section, no ipp option section' do verify_handoff_page_selfie_version_content(page) @@ -413,7 +413,7 @@ def verify_no_upload_photos_section_and_link(page) end end describe 'when selfie is not required by sp' do - let(:biometric_comparison_required) { false } + let(:facial_match_required) { false } it 'shows non selfie version of top content and upload section, no ipp option section' do verify_handoff_page_non_selfie_version_content(page) 
@@ -426,7 +426,7 @@ def verify_no_upload_photos_section_and_link(page) let(:sp_ipp_enabled) { true } context 'when selfie is disabled system wide' do describe 'when selfie is not required by sp' do - let(:biometric_comparison_required) { false } + let(:facial_match_required) { false } it 'shows non selfie version of top content and upload section, no ipp option section' do verify_handoff_page_non_selfie_version_content(page) @@ -446,7 +446,7 @@ def verify_no_upload_photos_section_and_link(page) context 'when sp ipp is available' do let(:sp_ipp_enabled) { true } describe 'when selfie is required by sp' do - let(:biometric_comparison_required) { true } + let(:facial_match_required) { true } it 'shows selfie version of top content, no upload section, no ipp option section' do verify_handoff_page_selfie_version_content(page) @@ -455,7 +455,7 @@ def verify_no_upload_photos_section_and_link(page) end end describe 'when selfie is not required by sp' do - let(:biometric_comparison_required) { false } + let(:facial_match_required) { false } it 'shows non selfie version of top content and upload section, no ipp option section' do verify_handoff_page_non_selfie_version_content(page) @@ -467,7 +467,7 @@ def verify_no_upload_photos_section_and_link(page) context 'when sp ipp is not available' do let(:sp_ipp_enabled) { false } describe 'when selfie is required by sp' do - let(:biometric_comparison_required) { true } + let(:facial_match_required) { true } it 'shows selfie version of top content, no upload section, no ipp option section' do verify_handoff_page_selfie_version_content(page) @@ -476,7 +476,7 @@ def verify_no_upload_photos_section_and_link(page) end end describe 'when selfie is not required by sp' do - let(:biometric_comparison_required) { false } + let(:facial_match_required) { false } it 'shows non selfie version of top content and upload section, no ipp option section' do verify_handoff_page_non_selfie_version_content(page) 
@@ -492,7 +492,7 @@ def verify_no_upload_photos_section_and_link(page) context 'when sp ipp is enabled' do let(:sp_ipp_enabled) { true } describe 'when selfie is required by sp' do - let(:biometric_comparison_required) { true } + let(:facial_match_required) { true } it 'shows selfie version of top content, no upload section, no ipp option section' do verify_handoff_page_selfie_version_content(page) @@ -501,7 +501,7 @@ def verify_no_upload_photos_section_and_link(page) end end describe 'when selfie is not required by sp' do - let(:biometric_comparison_required) { false } + let(:facial_match_required) { false } it 'shows non selfie version of top content and upload section, no ipp option section' do verify_handoff_page_non_selfie_version_content(page) @@ -513,7 +513,7 @@ def verify_no_upload_photos_section_and_link(page) context 'when sp ipp is not enabled' do let(:sp_ipp_enabled) { false } describe 'when selfie required by sp' do - let(:biometric_comparison_required) { true } + let(:facial_match_required) { true } it 'shows selfie version of top content, no upload section, no ipp option section' do verify_handoff_page_selfie_version_content(page) @@ -522,7 +522,7 @@ def verify_no_upload_photos_section_and_link(page) end end describe 'when selfie not required by sp' do - let(:biometric_comparison_required) { false } + let(:facial_match_required) { false } it 'shows non selfie version of top content and upload section, no ipp option section' do verify_handoff_page_non_selfie_version_content(page) diff --git a/spec/features/idv/doc_auth/redo_document_capture_spec.rb b/spec/features/idv/doc_auth/redo_document_capture_spec.rb index f31492795d8..96a18bfdc01 100644 --- a/spec/features/idv/doc_auth/redo_document_capture_spec.rb +++ b/spec/features/idv/doc_auth/redo_document_capture_spec.rb 
@@ -239,7 +239,7 @@ before do allow(IdentityConfig.store).to receive(:use_vot_in_sp_requests).and_return(true) allow_any_instance_of(DocAuth::Response).to receive(:selfie_status).and_return(:fail) - start_idv_from_sp(biometric_comparison_required: true) + start_idv_from_sp(facial_match_required: true) sign_in_and_2fa_user complete_doc_auth_steps_before_document_capture_step mock_doc_auth_success_face_match_fail @@ -261,7 +261,7 @@ before do allow(IdentityConfig.store).to receive(:use_vot_in_sp_requests).and_return(true) - start_idv_from_sp(biometric_comparison_required: true) + start_idv_from_sp(facial_match_required: true) sign_in_and_2fa_user complete_doc_auth_steps_before_document_capture_step mock_doc_auth_pass_and_portrait_match_not_live @@ -304,7 +304,7 @@ before do allow(IdentityConfig.store).to receive(:use_vot_in_sp_requests).and_return(true) - start_idv_from_sp(biometric_comparison_required: true) + start_idv_from_sp(facial_match_required: true) sign_in_and_2fa_user complete_doc_auth_steps_before_document_capture_step mock_doc_auth_failure_face_match_pass @@ -346,7 +346,7 @@ before do allow(IdentityConfig.store).to receive(:use_vot_in_sp_requests).and_return(true) allow_any_instance_of(DocAuth::Response).to receive(:selfie_status).and_return(:fail) - start_idv_from_sp(biometric_comparison_required: true) + start_idv_from_sp(facial_match_required: true) sign_in_and_2fa_user complete_doc_auth_steps_before_document_capture_step mock_doc_auth_fail_face_match_fail @@ -367,7 +367,7 @@ pii[:address1] = nil allow_any_instance_of(DocAuth::LexisNexis::Responses::TrueIdResponse). to receive(:pii_from_doc).and_return(Pii::StateId.new(**pii)) - start_idv_from_sp(biometric_comparison_required: true) + start_idv_from_sp(facial_match_required: true) sign_in_and_2fa_user complete_doc_auth_steps_before_document_capture_step mock_doc_auth_pass_face_match_pass_no_address1 
diff --git a/spec/features/idv/gpo_disabled_spec.rb b/spec/features/idv/gpo_disabled_spec.rb index 859ded499fc..69cfcf3b379 100644 --- a/spec/features/idv/gpo_disabled_spec.rb +++ b/spec/features/idv/gpo_disabled_spec.rb @@ -37,14 +37,14 @@ end end - context 'GPO address verification disallowed for biometric comparison' do + context 'GPO address verification disallowed for facial match comparison' do before do allow(IdentityConfig.store).to receive(:use_vot_in_sp_requests).and_return(true) end - it 'does not allow verify by mail with biometric comparison', :js do + it 'does not allow verify by mail with facial match comparison', :js do user = user_with_2fa - start_idv_from_sp(:oidc, biometric_comparison_required: true) + start_idv_from_sp(:oidc, facial_match_required: true) sign_in_and_2fa_user(user) complete_all_doc_auth_steps(with_selfie: true) @@ -56,9 +56,9 @@ expect(page).to have_current_path(idv_phone_path) end - it 'does allow verify by mail without biometric comparison', :js do + it 'does allow verify by mail without facial match comparison', :js do user = user_with_2fa - start_idv_from_sp(:oidc, biometric_comparison_required: false) + start_idv_from_sp(:oidc, facial_match_required: false) sign_in_and_2fa_user(user) complete_all_doc_auth_steps(with_selfie: false) click_on t('idv.troubleshooting.options.verify_by_mail') diff --git a/spec/features/idv/hybrid_mobile/hybrid_mobile_spec.rb b/spec/features/idv/hybrid_mobile/hybrid_mobile_spec.rb index e1b04ea52ed..dcae8c37fbd 100644 --- a/spec/features/idv/hybrid_mobile/hybrid_mobile_spec.rb +++ b/spec/features/idv/hybrid_mobile/hybrid_mobile_spec.rb 
@@ -110,12 +110,12 @@ end end - context 'when biometric confirmation is requested' do + context 'when facial match confirmation is requested' do it 'proofs and hands off to mobile', js: true do user = nil perform_in_browser(:desktop) do - visit_idp_from_oidc_sp_with_ial2(biometric_comparison_required: true) + visit_idp_from_oidc_sp_with_ial2(facial_match_required: true) user = sign_up_and_2fa_ial1_user @@ -431,7 +431,7 @@ user = create(:user, :with_authentication_app) perform_in_browser(:desktop) do - start_idv_from_sp(biometric_comparison_required: true) + start_idv_from_sp(facial_match_required: true) sign_in_and_2fa_user(user) complete_doc_auth_steps_before_hybrid_handoff_step diff --git a/spec/features/idv/step_up_spec.rb b/spec/features/idv/step_up_spec.rb index e00732f1a8b..5a18c286802 100644 --- a/spec/features/idv/step_up_spec.rb +++ b/spec/features/idv/step_up_spec.rb @@ -12,7 +12,7 @@ end scenario 'User with active profile can redo idv when selfie required', js: true do - visit_idp_from_sp_with_ial2(sp, biometric_comparison_required: true) + visit_idp_from_sp_with_ial2(sp, facial_match_required: true) sign_in_live_with_2fa(user) expect(page).to have_current_path(idv_welcome_path) diff --git a/spec/features/idv/verify_by_mail_pending_spec.rb b/spec/features/idv/verify_by_mail_pending_spec.rb index b8251533908..c49aeb45775 100644 --- a/spec/features/idv/verify_by_mail_pending_spec.rb +++ b/spec/features/idv/verify_by_mail_pending_spec.rb @@ -8,7 +8,7 @@ profile = create(:profile, :with_pii, :verify_by_mail_pending, user: user) create(:gpo_confirmation_code, profile: profile, created_at: 2.days.ago, updated_at: 2.days.ago) - start_idv_from_sp(biometric_comparison_required: false) + start_idv_from_sp(facial_match_required: false) sign_in_live_with_2fa(user) expect(current_path).to eq(idv_verify_by_mail_enter_code_path) 
@@ -24,16 +24,16 @@ expect(current_path).to eq(idv_welcome_path) end - it 'does not require them to enter their code if they are upgrading to biometric' do + it 'does not require them to enter their code if they are upgrading to facial match' do user = create(:user, :fully_registered) profile = create(:profile, :with_pii, :verify_by_mail_pending, user: user) create(:gpo_confirmation_code, profile: profile, created_at: 2.days.ago, updated_at: 2.days.ago) - start_idv_from_sp(biometric_comparison_required: true) + start_idv_from_sp(facial_match_required: true) sign_in_live_with_2fa(user) # The user is redirected to proofing since their pending profile does not meet - # the biometric comparison requirement + # the facial match comparison requirement expect(current_path).to eq(idv_welcome_path) end end diff --git a/spec/features/openid_connect/vtr_spec.rb b/spec/features/openid_connect/vtr_spec.rb index d4d4c740b18..06683ad5da2 100644 --- a/spec/features/openid_connect/vtr_spec.rb +++ b/spec/features/openid_connect/vtr_spec.rb @@ -110,7 +110,8 @@ expect(current_path).to eq(idv_welcome_path) end - scenario 'sign in with VTR request for idv with biometric requires idv with biometric', :js do + scenario 'sign in with VTR request for idv with facial match requires idv with facial match', + :js do user = create(:user, :fully_registered) visit_idp_from_oidc_sp_with_vtr(vtr: ['Pb']) diff --git a/spec/features/saml/vtr_spec.rb b/spec/features/saml/vtr_spec.rb index ede0ab39f5f..7321a806b07 100644 --- a/spec/features/saml/vtr_spec.rb +++ b/spec/features/saml/vtr_spec.rb @@ -189,7 +189,7 @@ expect(ssn).to eq(pii[:ssn]) end - scenario 'sign in with VTR request for idv with biometric requires idv with biometric', + scenario 'sign in with VTR request for idv with facial match requires idv with facial match', :js, allowed_extra_analytics: [:*] do user = create(:user, :proofed) 
diff --git a/spec/features/sign_in/multiple_vot_spec.rb b/spec/features/sign_in/multiple_vot_spec.rb index d7715eb1bc4..8145eee78cb 100644 --- a/spec/features/sign_in/multiple_vot_spec.rb +++ b/spec/features/sign_in/multiple_vot_spec.rb @@ -7,8 +7,8 @@ include DocAuthHelper context 'with OIDC' do - context 'biometric and non-biometric proofing is acceptable' do - scenario 'identity proofing is not required if user is proofed with biometric' do + context 'facial match and non-facial match proofing is acceptable' do + scenario 'identity proofing is not required if user is proofed with facial match' do user = create(:user, :proofed_with_selfie) visit_idp_from_oidc_sp_with_vtr(vtr: ['C1.C2.P1.Pb', 'C1.C2.P1']) @@ -23,7 +23,7 @@ expect(user_info[:vot]).to eq('C1.C2.P1.Pb') end - scenario 'identity proofing is not required if user is proofed without biometric' do + scenario 'identity proofing is not required if user is proofed without facial match' do user = create(:user, :proofed) visit_idp_from_oidc_sp_with_vtr(vtr: ['C1.C2.P1.Pb', 'C1.C2.P1']) @@ -38,7 +38,7 @@ expect(user_info[:vot]).to eq('C1.C2.P1') end - scenario 'identity proofing with biometric is required if user is not proofed', + scenario 'identity proofing with facial match is required if user is not proofed', :js, allowed_extra_analytics: [:*] do user = create(:user, :fully_registered) @@ -133,8 +133,8 @@ end end - context 'biometric and non-biometric proofing is acceptable' do - scenario 'identity proofing is not required if user is proofed with biometric' do + context 'facial match and non-facial match proofing is acceptable' do + scenario 'identity proofing is not required if user is proofed with facial match' do user = create(:user, :proofed_with_selfie) visit_saml_authn_request_url( 
@@ -155,7 +155,7 @@ expect(first_name).to_not be_blank end - scenario 'identity proofing is not required if user is proofed without biometric' do + scenario 'identity proofing is not required if user is proofed without facial match' do user = create(:user, :proofed) visit_saml_authn_request_url( @@ -176,7 +176,7 @@ expect(first_name).to_not be_blank end - scenario 'identity proofing with biometric is required if user is not proofed', + scenario 'identity proofing with facial match is required if user is not proofed', :js, allowed_extra_analytics: [:*] do user = create(:user, :fully_registered) diff --git a/spec/forms/openid_connect_authorize_form_spec.rb b/spec/forms/openid_connect_authorize_form_spec.rb index 580983f27d7..6fb26fda4d7 100644 --- a/spec/forms/openid_connect_authorize_form_spec.rb +++ b/spec/forms/openid_connect_authorize_form_spec.rb @@ -211,13 +211,13 @@ end end - shared_examples 'allows biometric IAL only if sp is authorized' do |biometric_ial| - let(:acr_values) { biometric_ial } + shared_examples 'allows facial match IAL only if sp is authorized' do |facial_match_ial| + let(:acr_values) { facial_match_ial } - context "when the IAL requested is #{biometric_ial}" do - context 'when the service provider is allowed to use biometric ials' do + context "when the IAL requested is #{facial_match_ial}" do + context 'when the service provider is allowed to use facial match ials' do before do - allow_any_instance_of(ServiceProvider).to receive(:biometric_ial_allowed?). + allow_any_instance_of(ServiceProvider).to receive(:facial_match_ial_allowed?). and_return(true) end @@ -226,9 +226,9 @@ end end - context 'when the service provider is not allowed to use biometric ials' do + context 'when the service provider is not allowed to use facial match ials' do before do - allow_any_instance_of(ServiceProvider).to receive(:biometric_ial_allowed?). + allow_any_instance_of(ServiceProvider).to receive(:facial_match_ial_allowed?). and_return(false) end 
@@ -241,10 +241,10 @@ end end - it_behaves_like 'allows biometric IAL only if sp is authorized', + it_behaves_like 'allows facial match IAL only if sp is authorized', Saml::Idp::Constants::IAL2_BIO_PREFERRED_AUTHN_CONTEXT_CLASSREF - it_behaves_like 'allows biometric IAL only if sp is authorized', + it_behaves_like 'allows facial match IAL only if sp is authorized', Saml::Idp::Constants::IAL2_BIO_REQUIRED_AUTHN_CONTEXT_CLASSREF context 'with aal but not ial requested via acr_values' do diff --git a/spec/models/profile_spec.rb b/spec/models/profile_spec.rb index cf4b1aa3004..10af4778843 100644 --- a/spec/models/profile_spec.rb +++ b/spec/models/profile_spec.rb @@ -347,17 +347,17 @@ expect(active_profile.verified_at).to be_present end - context 'when a user creates a biometric comparision profile' do + context 'when a user creates a facial match comparision profile' do context 'when the user has an active profile' do - it 'creates a biometric upgrade record' do + it 'creates a facial match upgrade record' do profile.activate - biometric_profile = create( + facial_match_profile = create( :profile, - :biometric_proof, + :facial_match_proof, user: user, ) - expect { biometric_profile.activate }.to( + expect { facial_match_profile.activate }.to( change do SpUpgradedBiometricProfile.count end.by(1), 
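Review bot: The added line `context 'when a user creates a facial match comparision profile' do` in the profile_spec.rb hunk at -347 carries over the misspelling "comparision" and now reads as a doubled noun. `context 'when a user creates a facial match profile' do` says the same thing. The expectations in this hunk and in the one at -365 still count `SpUpgradedBiometricProfile`, so descriptions like 'creates a facial match upgrade record' no longer share a word with the model they assert on. If the model is meant to keep its name, naming it in the description keeps the spec searchable, e.g. `it 'creates an SpUpgradedBiometricProfile record' do`. The enclosing describe block starts outside the hunk.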
@@ -365,25 +365,29 @@ end end - context 'when the user has an active biometric profile' do - it 'does not create a biometric conversion record' do - create(:profile, :active, :biometric_proof, user: user) + context 'when the user has an active facial match profile' do + it 'does not create a facial match conversion record' do + create(:profile, :active, :facial_match_proof, user: user) - biometric_reproof = create(:profile, :biometric_proof, user: user) - expect { biometric_reproof.activate }.to_not(change { SpUpgradedBiometricProfile.count }) + facial_match_reproof = create(:profile, :facial_match_proof, user: user) + expect { facial_match_reproof.activate }.to_not( + change do + SpUpgradedBiometricProfile.count + end, + ) end end context 'when the user does not have an active profile' do - it 'does not create a biometric conversion record' do - profile = create(:profile, :biometric_proof, user: user) + it 'does not create a facial match conversion record' do + profile = create(:profile, :facial_match_proof, user: user) expect { profile.activate }.to_not(change { SpUpgradedBiometricProfile.count }) end end end - it 'does not create a biometric upgrade record for a non-biometric profile' do + it 'does not create a facial match upgrade record for a non-facial match profile' do expect { profile.activate }.to_not(change { SpUpgradedBiometricProfile.count }) end diff --git a/spec/models/service_provider_spec.rb b/spec/models/service_provider_spec.rb index ba79ea601f9..532b8e24ca2 100644 --- a/spec/models/service_provider_spec.rb +++ b/spec/models/service_provider_spec.rb @@ -81,8 +81,8 @@ end end - describe '#biometric_ial_allowed?' do - context 'when the biometric ial feature is enabled' do + describe '#facial_match_ial_allowed?' do + context 'when the facial match ial feature is enabled' do before do allow(IdentityConfig.store).to receive(:biometric_ial_enabled). and_return(true) 
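Review bot: The setting that gates `facial_match_ial_allowed?` cannot be found by searching for the new term, because the stub in the service_provider_spec.rb hunk at -81 is still `allow(IdentityConfig.store).to receive(:biometric_ial_enabled)`. The contexts here and at -105 now read 'when the facial match ial feature is enabled' and '... disabled', so description and flag no longer match. This flag decides whether a service provider may request these IALs, so I would name it in the description, `context 'when biometric_ial_enabled is true' do`. If the key deliberately keeps its old name, a comment above the stub such as `# config key intentionally keeps the old name` would do instead. Whether the flag is renamed elsewhere in the commit is not visible from this section.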
@@ -94,8 +94,8 @@ and_return([service_provider.issuer]) end - it 'allows the service provider to use biometric IALs' do - expect(service_provider.biometric_ial_allowed?).to be(true) + it 'allows the service provider to use facial match IALs' do + expect(service_provider.facial_match_ial_allowed?).to be(true) end end @@ -105,13 +105,13 @@ and_return([]) end - it 'does not allow the service provider to use biometric IALs' do - expect(service_provider.biometric_ial_allowed?).to be(false) + it 'does not allow the service provider to use facial match IALs' do + expect(service_provider.facial_match_ial_allowed?).to be(false) end end end - context 'when the biometric ial feature is disabled' do + context 'when the facial match ial feature is disabled' do before do allow(IdentityConfig.store).to receive(:biometric_ial_enabled). and_return(false) @@ -123,8 +123,8 @@ and_return([service_provider.issuer]) end - it 'does not allow the service provider to use biometric IALs' do - expect(service_provider.biometric_ial_allowed?).to be(false) + it 'does not allow the service provider to use facial match IALs' do + expect(service_provider.facial_match_ial_allowed?).to be(false) end end end diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb index 046e855586b..387260dace3 100644 --- a/spec/models/user_spec.rb +++ b/spec/models/user_spec.rb @@ -1433,7 +1433,7 @@ def it_should_not_send_survey end end - describe '#identity_verified_with_biometric_comparison?' do + describe '#identity_verified_with_facial_match?' do let(:user) { create(:user) } let(:active_profile) do create( 
@@ -1446,23 +1446,23 @@ def it_should_not_send_survey it 'returns true if user has an active profile with selfie' do active_profile.idv_level = :unsupervised_with_selfie active_profile.save - expect(user.identity_verified_with_biometric_comparison?).to eq true + expect(user.identity_verified_with_facial_match?).to eq true end it 'returns false if user has an active profile without selfie' do - expect(user.identity_verified_with_biometric_comparison?).to eq false + expect(user.identity_verified_with_facial_match?).to eq false end it 'return true if user has an active in-person profile' do active_profile.idv_level = :in_person active_profile.save - expect(user.identity_verified_with_biometric_comparison?).to eq true + expect(user.identity_verified_with_facial_match?).to eq true end context 'user does not have active profile' do let(:active_profile) { nil } it 'returns false' do - expect(user.identity_verified_with_biometric_comparison?).to eq false + expect(user.identity_verified_with_facial_match?).to eq false end end end diff --git a/spec/policies/pending_profile_policy_spec.rb b/spec/policies/pending_profile_policy_spec.rb index a4f927542b8..a6518e4c652 100644 --- a/spec/policies/pending_profile_policy_spec.rb +++ b/spec/policies/pending_profile_policy_spec.rb @@ -21,7 +21,7 @@ end describe '#user_has_pending_profile?' do - context 'has an active non-biometric profile and biometric comparison is requested' do + context 'has an active non-facial match profile and facial match comparison is requested' do let(:idv_level) { :unsupervised_with_selfie } before do create(:profile, :active, :verified, idv_level: :legacy_unsupervised, user: user) @@ -36,7 +36,7 @@ end end - context 'with biometric comparison requested ACR value' do + context 'with facial match comparison requested ACR value' do let(:acr_values) { Saml::Idp::Constants::IAL2_BIO_REQUIRED_AUTHN_CONTEXT_CLASSREF } it 'has a usable pending profile' do 
@@ -45,7 +45,7 @@ end end - context 'no biometric comparison is requested' do + context 'no facial match comparison is requested' do let(:idv_level) { :legacy_unsupervised } let(:vtr) { ['C2'] } context 'user has pending profile' do @@ -64,7 +64,7 @@ it { expect(policy.user_has_pending_profile?).to eq(false) } end - context 'user has active legacy profile with a pending fraud biometric profile' do + context 'user has active legacy profile with a pending fraud facial match profile' do before do create(:profile, :active, :verified, idv_level: idv_level, user: user) create(:profile, :fraud_review_pending, idv_level: :unsupervised_with_selfie, user: user) diff --git a/spec/policies/service_provider_mfa_policy_spec.rb b/spec/policies/service_provider_mfa_policy_spec.rb index 181aeff9c99..2c126dc827e 100644 --- a/spec/policies/service_provider_mfa_policy_spec.rb +++ b/spec/policies/service_provider_mfa_policy_spec.rb @@ -14,7 +14,7 @@ hspd12?: hspd12, phishing_resistant?: phishing_resistant, identity_proofing?: false, - biometric_comparison?: false, + facial_match?: false, two_pieces_of_fair_evidence?: false, ialmax?: false, enhanced_ipp?: false, diff --git a/spec/presenters/account_show_presenter_spec.rb b/spec/presenters/account_show_presenter_spec.rb index 977cc522123..fd2e3bd0997 100644 --- a/spec/presenters/account_show_presenter_spec.rb +++ b/spec/presenters/account_show_presenter_spec.rb 
@@ -26,14 +26,14 @@ ) end - describe 'identity_verified_with_biometric_comparison?' do - subject(:identity_verified_with_biometric_comparison?) do - presenter.identity_verified_with_biometric_comparison? + describe 'identity_verified_with_facial_match?' do + subject(:identity_verified_with_facial_match?) do + presenter.identity_verified_with_facial_match? end it 'delegates to user' do - expect(identity_verified_with_biometric_comparison?).to eq( - user.identity_verified_with_biometric_comparison?, + expect(identity_verified_with_facial_match?).to eq( + user.identity_verified_with_facial_match?, ) end end @@ -80,30 +80,30 @@ it { is_expected.to eq(false) } - context 'with non-biometric proofed user' do + context 'with non-facial match proofed user' do let(:user) { build(:user, :proofed) } it { is_expected.to eq(true) } - context 'with sp request for non-biometric' do + context 'with sp request for non-facial match' do let(:vtr) { ['C2.P1'] } it { is_expected.to eq(true) } end - context 'with sp request for biometric' do + context 'with sp request for facial match' do let(:vtr) { ['C2.Pb'] } it { is_expected.to eq(false) } end end - context 'with biometric proofed user' do + context 'with facial match proofed user' do let(:user) { build(:user, :proofed_with_selfie) } it { is_expected.to eq(true) } - context 'with sp request for biometric' do + context 'with sp request for facial match' do let(:vtr) { ['C2.Pb'] } it { is_expected.to eq(true) } 
@@ -116,30 +116,30 @@ it { is_expected.to eq(false) } - context 'with sp request for non-biometric' do + context 'with sp request for non-facial match' do let(:vtr) { ['C2.P1'] } it { is_expected.to eq(true) } - context 'with non-biometric proofed user' do + context 'with non-facial match proofed user' do let(:user) { build(:user, :proofed) } it { is_expected.to eq(false) } end end - context 'with sp request for biometric' do + context 'with sp request for facial match' do let(:vtr) { ['C2.Pb'] } it { is_expected.to eq(true) } - context 'with non-biometric proofed user' do + context 'with non-facial match proofed user' do let(:user) { build(:user, :proofed) } it { is_expected.to eq(true) } end - context 'with biometric proofed user' do + context 'with facial match proofed user' do let(:user) { build(:user, :proofed_with_selfie) } it { is_expected.to eq(false) } @@ -254,13 +254,13 @@ end end - describe '#formatted_nonbiometric_idv_date' do + describe '#formatted_legacy_idv_date' do let(:user) { build(:user, :proofed_with_selfie) } - subject(:formatted_nonbiometric_idv_date) { presenter.formatted_nonbiometric_idv_date } + subject(:formatted_legacy_idv_date) { presenter.formatted_legacy_idv_date } it 'formats a date string' do - expect { Date.parse(formatted_nonbiometric_idv_date) }.not_to raise_error + expect { Date.parse(formatted_legacy_idv_date) }.not_to raise_error end end diff --git a/spec/presenters/openid_connect_user_info_presenter_spec.rb b/spec/presenters/openid_connect_user_info_presenter_spec.rb index 8aa2bfecce4..b0f5d213e2c 100644 --- a/spec/presenters/openid_connect_user_info_presenter_spec.rb +++ b/spec/presenters/openid_connect_user_info_presenter_spec.rb @@ -184,7 +184,7 @@ end end - context 'with biometric comparison' do + context 'with facial match comparison' do let(:acr_values) do [ Saml::Idp::Constants::AAL2_AUTHN_CONTEXT_CLASSREF, 
diff --git a/spec/services/analytics_spec.rb b/spec/services/analytics_spec.rb index 402e75cda4a..76b797e27d4 100644 --- a/spec/services/analytics_spec.rb +++ b/spec/services/analytics_spec.rb @@ -236,7 +236,7 @@ end end - context 'phishing resistant and requiring biometric comparison' do + context 'phishing resistant and requiring facial match comparison' do let(:session) { { sp: { vtr: ['Ca.Pb'] } } } let(:component_values) do { @@ -252,7 +252,7 @@ { sp_request: { aal2: true, - biometric_comparison: true, + facial_match: true, two_pieces_of_fair_evidence: true, component_values:, identity_proofing: true, @@ -312,7 +312,7 @@ end end - context 'IAL2 with biometric' do + context 'IAL2 with facial match' do let(:session) do { sp: { acr_values: Saml::Idp::Constants::IAL2_BIO_REQUIRED_AUTHN_CONTEXT_CLASSREF } } end @@ -320,7 +320,7 @@ { sp_request: { aal2: true, - biometric_comparison: true, + facial_match: true, two_pieces_of_fair_evidence: true, component_values: { 'ial/2?bio=required' => true }, identity_proofing: true, diff --git a/spec/services/attribute_asserter_spec.rb b/spec/services/attribute_asserter_spec.rb index aa13f7f3885..7b6eb7a7f94 100644 --- a/spec/services/attribute_asserter_spec.rb +++ b/spec/services/attribute_asserter_spec.rb @@ -4,7 +4,9 @@ include SamlAuthHelper let(:user) { create(:profile, :active, :verified).user } - let(:biometric_verified_user) { create(:profile, :active, :verified, idv_level: :in_person).user } + let(:facial_match_verified_user) do + create(:profile, :active, :verified, idv_level: :in_person).user + end let(:user_session) { {} } let(:identity) do build( @@ -76,7 +78,7 @@ ] end - context 'when the user has been proofed without biometric' do + context 'when the user has been proofed without facial match' do context 'custom bundle includes email, phone, and first_name' do before do user.identities << identity 
@@ -240,7 +242,7 @@ end end - context 'when the user has been proofed with biometric' do + context 'when the user has been proofed with facial match' do let(:user) { create(:profile, :active, :verified, idv_level: :in_person).user } before do @@ -275,7 +277,7 @@ end context 'when an IAL1 request is made' do - context 'when the user has been proofed without biometric comparison' do + context 'when the user has been proofed without facial match comparison' do context 'custom bundle includes email, phone, and first_name' do before do user.identities << identity @@ -444,7 +446,7 @@ end end - context 'when the user has been proofed with biometric comparison' do + context 'when the user has been proofed with facial match comparison' do let(:user) { create(:profile, :active, :verified, idv_level: :in_person).user } before do @@ -593,7 +595,7 @@ end end - context 'when biometric IAL preferred is requested' do + context 'when facial match IAL preferred is requested' do let(:options) do { authn_context: [ 
@@ -602,34 +604,34 @@ } end - context 'when the user has been proofed with biometric' do - let(:user) { biometric_verified_user } + context 'when the user has been proofed with facial match' do + let(:user) { facial_match_verified_user } before do user.identities << identity subject.build end - it 'asserts IAL2 with biometric comparison' do + it 'asserts IAL2 with facial match comparison' do expected_ial = Saml::Idp::Constants::IAL2_BIO_REQUIRED_AUTHN_CONTEXT_CLASSREF expect(get_asserted_attribute(user, :ial)).to eq expected_ial end end - context 'when the user has been proofed without biometric' do + context 'when the user has been proofed without facial match' do before do user.identities << identity subject.build end - it 'asserts IAL2 (without biometric comparison)' do + it 'asserts IAL2 (without facial match comparison)' do expected_ial = Saml::Idp::Constants::IAL2_AUTHN_CONTEXT_CLASSREF expect(get_asserted_attribute(user, :ial)).to eq expected_ial end end end - context 'when biometric IAL required is requested' do + context 'when facial match IAL required is requested' do let(:options) do { authn_context: [ @@ -638,15 +640,15 @@ } end - context 'when the user has been proofed with biometric comparison' do - let(:user) { biometric_verified_user } + context 'when the user has been proofed with facial match comparison' do + let(:user) { facial_match_verified_user } before do user.identities << identity subject.build end - it 'asserts IAL2 with biometric comparison' do + it 'asserts IAL2 with facial match comparison' do expected_ial = Saml::Idp::Constants::IAL2_BIO_REQUIRED_AUTHN_CONTEXT_CLASSREF expect(get_asserted_attribute(user, :ial)).to eq expected_ial end diff --git a/spec/services/authn_context_resolver_spec.rb b/spec/services/authn_context_resolver_spec.rb index 59ae6de9ed0..60e4f4f6417 100644 --- a/spec/services/authn_context_resolver_spec.rb +++ b/spec/services/authn_context_resolver_spec.rb 
@@ -19,7 +19,7 @@ expect(result.phishing_resistant?).to eq(false) expect(result.hspd12?).to eq(false) expect(result.identity_proofing?).to eq(true) - expect(result.biometric_comparison?).to eq(true) + expect(result.facial_match?).to eq(true) expect(result.ialmax?).to eq(false) expect(result.enhanced_ipp?).to eq(false) end @@ -39,7 +39,7 @@ expect(result.phishing_resistant?).to eq(false) expect(result.hspd12?).to eq(false) expect(result.identity_proofing?).to eq(true) - expect(result.biometric_comparison?).to eq(false) + expect(result.facial_match?).to eq(false) expect(result.ialmax?).to eq(false) expect(result.enhanced_ipp?).to eq(true) end @@ -64,8 +64,8 @@ end context 'when the user uses a vtr param with multiple vectors' do - context 'a biometric proofing vector and non-biometric proofing vector is present' do - it 'returns a biometric requirement if the user can satisfy it' do + context 'a facial match proofing vector and non-facial match proofing vector is present' do + it 'returns a facial match requirement if the user can satisfy it' do user = create(:user, :proofed) user.active_profile.update!(idv_level: 'unsupervised_with_selfie') vtr = ['C2.Pb', 'C2.P1'] @@ -78,11 +78,11 @@ ).result expect(result.expanded_component_values).to eq('C1.C2.P1.Pb') - expect(result.biometric_comparison?).to eq(true) + expect(result.facial_match?).to eq(true) expect(result.identity_proofing?).to eq(true) end - it 'returns the non-biometric vector if the user has identity-proofed without biometric' do + it 'returns non-facial match vector if user has identity-proofed without facial match' do user = create(:user, :proofed) vtr = ['C2.Pb', 'C2.P1'] @@ -94,7 +94,7 @@ ).result expect(result.expanded_component_values).to eq('C1.C2.P1') - expect(result.biometric_comparison?).to eq(false) + expect(result.facial_match?).to eq(false) expect(result.identity_proofing?).to eq(true) end 
@@ -110,12 +110,12 @@ ).result expect(result.expanded_component_values).to eq('C1.C2.P1.Pb') - expect(result.biometric_comparison?).to eq(true) + expect(result.facial_match?).to eq(true) expect(result.identity_proofing?).to eq(true) end end - context 'a non-biometric identity proofing vector is present' do + context 'a non-facial match identity proofing vector is present' do it 'returns the identity-proofing requirement if the user can satisfy it' do user = create(:user, :proofed) vtr = ['C2.P1', 'C2'] @@ -168,7 +168,7 @@ expect(result.phishing_resistant?).to eq(false) expect(result.hspd12?).to eq(false) expect(result.identity_proofing?).to eq(false) - expect(result.biometric_comparison?).to eq(false) + expect(result.facial_match?).to eq(false) expect(result.ialmax?).to eq(false) expect(result.enhanced_ipp?).to eq(false) end @@ -190,7 +190,7 @@ expect(result.phishing_resistant?).to eq(false) expect(result.hspd12?).to eq(false) expect(result.identity_proofing?).to eq(false) - expect(result.biometric_comparison?).to eq(false) + expect(result.facial_match?).to eq(false) expect(result.ialmax?).to eq(false) expect(result.enhanced_ipp?).to eq(false) end @@ -212,7 +212,7 @@ expect(result.phishing_resistant?).to eq(false) expect(result.hspd12?).to eq(false) expect(result.identity_proofing?).to eq(false) - expect(result.biometric_comparison?).to eq(false) + expect(result.facial_match?).to eq(false) expect(result.ialmax?).to eq(false) expect(result.enhanced_ipp?).to eq(false) end @@ -346,7 +346,7 @@ end end - context 'if requesting biometric comparison' do + context 'if requesting facial match comparison' do let(:bio_value) { 'required' } let(:acr_values) do [ 
@@ -355,34 +355,34 @@ ].join(' ') end - context 'with biometric comparison is required' do + context 'with facial match comparison is required' do context 'when user is not verified' do - it 'sets biometric_comparison to true' do + it 'sets facial_match to true' do expect(result.identity_proofing?).to be true - expect(result.biometric_comparison?).to be true + expect(result.facial_match?).to be true expect(result.aal2?).to be true expect(result.two_pieces_of_fair_evidence?).to be true end end context 'when the user is already verified' do - context 'without biometric comparison' do + context 'without facial match comparison' do let(:user) { build(:user, :proofed) } - it 'asserts biometric_comparison as true' do + it 'asserts facial_match as true' do expect(result.identity_proofing?).to be true - expect(result.biometric_comparison?).to be true + expect(result.facial_match?).to be true expect(result.aal2?).to be true expect(result.two_pieces_of_fair_evidence?).to be true end end - context 'with biometric comparison' do + context 'with facial match comparison' do let(:user) { build(:user, :proofed_with_selfie) } - it 'asserts biometric comparison' do + it 'asserts facial match comparison' do expect(result.identity_proofing?).to be true - expect(result.biometric_comparison?).to be true + expect(result.facial_match?).to be true expect(result.two_pieces_of_fair_evidence?).to be true expect(result.aal2?).to be true end 
@@ -390,27 +390,27 @@ end end - context 'with biometric comparison is preferred' do + context 'with facial match comparison is preferred' do let(:bio_value) { 'preferred' } context 'when the user is already verified' do - context 'without biometric comparison' do + context 'without facial match comparison' do let(:user) { build(:user, :proofed) } - it 'falls back on proofing without biometric comparison' do + it 'falls back on proofing without facial match comparison' do expect(result.identity_proofing?).to be true - expect(result.biometric_comparison?).to be false + expect(result.facial_match?).to be false expect(result.two_pieces_of_fair_evidence?).to be false expect(result.aal2?).to be true end end - context 'with biometric comparison' do + context 'with facial match comparison' do let(:user) { build(:user, :proofed_with_selfie) } - it 'asserts biometric comparison' do + it 'asserts facial match comparison' do expect(result.identity_proofing?).to be true - expect(result.biometric_comparison?).to be true + expect(result.facial_match?).to be true expect(result.aal2?).to be true end end @@ -419,9 +419,9 @@ context 'when the user has not yet been verified' do let(:user) { build(:user) } - it 'asserts biometric comparison' do + it 'asserts facial match comparison' do expect(result.identity_proofing?).to be true - expect(result.biometric_comparison?).to be true + expect(result.facial_match?).to be true expect(result.aal2?).to be true end end @@ -465,7 +465,7 @@ expect(result.component_names).to eq(acr_values) expect(result.to_h).to include( aal2?: false, - biometric_comparison?: false, + facial_match?: false, enhanced_ipp?: false, hspd12?: false, ialmax?: false, 
@@ -495,7 +495,7 @@ expect(result.phishing_resistant?).to eq(false) expect(result.hspd12?).to eq(false) expect(result.identity_proofing?).to eq(false) - expect(result.biometric_comparison?).to eq(false) + expect(result.facial_match?).to eq(false) expect(result.ialmax?).to eq(false) expect(result.enhanced_ipp?).to eq(false) end @@ -518,7 +518,7 @@ expect(result.phishing_resistant?).to eq(false) expect(result.hspd12?).to eq(false) expect(result.identity_proofing?).to eq(false) - expect(result.biometric_comparison?).to eq(false) + expect(result.facial_match?).to eq(false) expect(result.ialmax?).to eq(false) expect(result.enhanced_ipp?).to eq(false) end @@ -539,7 +539,7 @@ expect(result.phishing_resistant?).to eq(false) expect(result.hspd12?).to eq(false) expect(result.identity_proofing?).to eq(false) - expect(result.biometric_comparison?).to eq(false) + expect(result.facial_match?).to eq(false) expect(result.ialmax?).to eq(false) expect(result.enhanced_ipp?).to eq(false) end @@ -615,7 +615,7 @@ end end - context 'if requesting biometric comparison' do + context 'if requesting facial match comparison' do let(:bio_value) { 'required' } let(:acr_values) do [ @@ -626,20 +626,20 @@ before do allow_any_instance_of(ServiceProvider). - to receive(:biometric_ial_allowed?). + to receive(:facial_match_ial_allowed?). and_return(true) end - context 'with biometric comparison is required' do + context 'with facial match comparison is required' do context 'when user is not verified' do it "asserts the resolved IAL as #{Saml::Idp::Constants::IAL_AUTH_ONLY_ACR}" do expect(subject.asserted_ial_acr). to eq(Saml::Idp::Constants::IAL_AUTH_ONLY_ACR) end - it 'sets biometric_comparison to true' do + it 'sets facial_match to true' do expect(result.identity_proofing?).to be true - expect(result.biometric_comparison?).to be true + expect(result.facial_match?).to be true expect(result.aal2?).to be true expect(result.two_pieces_of_fair_evidence?).to be true expect(result.ialmax?).to be false 
@@ -647,24 +647,24 @@ end context 'when the user is already verified' do - context 'without biometric comparison' do + context 'without facial match comparison' do let(:user) { build(:user, :proofed) } - it 'asserts biometric_comparison as true' do + it 'asserts facial_match as true' do expect(result.identity_proofing?).to be true - expect(result.biometric_comparison?).to be true + expect(result.facial_match?).to be true expect(result.aal2?).to be true expect(result.two_pieces_of_fair_evidence?).to be true expect(result.ialmax?).to be false end end - context 'with biometric comparison' do + context 'with facial match comparison' do let(:user) { build(:user, :proofed_with_selfie) } - it 'asserts biometric comparison' do + it 'asserts facial match comparison' do expect(result.identity_proofing?).to be true - expect(result.biometric_comparison?).to be true + expect(result.facial_match?).to be true expect(result.two_pieces_of_fair_evidence?).to be true expect(result.aal2?).to be true expect(result.ialmax?).to be false 
@@ -673,28 +673,28 @@ end end - context 'with biometric comparison is preferred' do + context 'with facial match comparison is preferred' do let(:bio_value) { 'preferred' } context 'when the user is already verified' do - context 'without biometric comparison' do + context 'without facial match comparison' do let(:user) { build(:user, :proofed) } - it 'falls back on proofing without biometric comparison' do + it 'falls back on proofing without facial match comparison' do expect(result.identity_proofing?).to be true - expect(result.biometric_comparison?).to be false + expect(result.facial_match?).to be false expect(result.two_pieces_of_fair_evidence?).to be false expect(result.aal2?).to be true expect(result.ialmax?).to be false end end - context 'with biometric comparison' do + context 'with facial match comparison' do let(:user) { build(:user, :proofed_with_selfie) } - it 'asserts biometric comparison' do + it 'asserts facial match comparison' do expect(result.identity_proofing?).to be true - expect(result.biometric_comparison?).to be true + expect(result.facial_match?).to be true expect(result.two_pieces_of_fair_evidence?).to be true expect(result.aal2?).to be true expect(result.ialmax?).to be false @@ -705,9 +705,9 @@ context 'when the user has not yet been verified' do let(:user) { build(:user) } - it 'asserts biometric comparison' do + it 'asserts facial match comparison' do expect(result.identity_proofing?).to be true - expect(result.biometric_comparison?).to be true + expect(result.facial_match?).to be true expect(result.two_pieces_of_fair_evidence?).to be true expect(result.aal2?).to be true expect(result.ialmax?).to be false diff --git a/spec/services/id_token_builder_spec.rb b/spec/services/id_token_builder_spec.rb index 2d24daa0856..97baa674602 100644 --- a/spec/services/id_token_builder_spec.rb +++ b/spec/services/id_token_builder_spec.rb 
@@ -108,7 +108,7 @@ end end - context 'ial2 with biometric comparison required' do + context 'ial2 with facial match comparison required' do before do identity.ial = 2 identity.acr_values = Saml::Idp::Constants::IAL2_BIO_REQUIRED_AUTHN_CONTEXT_CLASSREF diff --git a/spec/services/saml_request_validator_spec.rb b/spec/services/saml_request_validator_spec.rb index 427827ae380..c675f3a0b43 100644 --- a/spec/services/saml_request_validator_spec.rb +++ b/spec/services/saml_request_validator_spec.rb @@ -232,15 +232,15 @@ end end - shared_examples 'allows biometric IAL only if sp is authorized' do |biometric_ial| - let(:authn_context) { [biometric_ial] } + shared_examples 'allows facial match IAL only if sp is authorized' do |facial_match_ial| + let(:authn_context) { [facial_match_ial] } - context "when the IAL requested is #{biometric_ial}" do - context 'when the service provider is allowed to use biometric ials' do + context "when the IAL requested is #{facial_match_ial}" do + context 'when the service provider is allowed to use facial match ials' do let(:sp) { create(:service_provider, :idv) } before do - allow_any_instance_of(ServiceProvider).to receive(:biometric_ial_allowed?). + allow_any_instance_of(ServiceProvider).to receive(:facial_match_ial_allowed?). and_return(true) end @@ -253,9 +253,9 @@ end end - context 'when the service provider is not allowed to use biometric ials' do + context 'when the service provider is not allowed to use facial match ials' do before do - allow_any_instance_of(ServiceProvider).to receive(:biometric_ial_allowed?). + allow_any_instance_of(ServiceProvider).to receive(:facial_match_ial_allowed?). and_return(false) end 
@@ -275,10 +275,10 @@ end end - it_behaves_like 'allows biometric IAL only if sp is authorized', + it_behaves_like 'allows facial match IAL only if sp is authorized', Saml::Idp::Constants::IAL2_BIO_REQUIRED_AUTHN_CONTEXT_CLASSREF - it_behaves_like 'allows biometric IAL only if sp is authorized', + it_behaves_like 'allows facial match IAL only if sp is authorized', Saml::Idp::Constants::IAL2_BIO_PREFERRED_AUTHN_CONTEXT_CLASSREF shared_examples 'allows semantic IAL only if sp is authorized' do |semantic_ial| diff --git a/spec/services/vot/parser_spec.rb b/spec/services/vot/parser_spec.rb index 3ea2f312878..07bbbd761c1 100644 --- a/spec/services/vot/parser_spec.rb +++ b/spec/services/vot/parser_spec.rb @@ -20,7 +20,7 @@ expect(result.phishing_resistant?).to eq(false) expect(result.hspd12?).to eq(true) expect(result.identity_proofing?).to eq(false) - expect(result.biometric_comparison?).to eq(false) + expect(result.facial_match?).to eq(false) expect(result.ialmax?).to eq(false) expect(result.enhanced_ipp?).to eq(false) end @@ -37,7 +37,7 @@ expect(result.phishing_resistant?).to eq(false) expect(result.hspd12?).to eq(false) expect(result.identity_proofing?).to eq(true) - expect(result.biometric_comparison?).to eq(true) + expect(result.facial_match?).to eq(true) expect(result.ialmax?).to eq(false) expect(result.enhanced_ipp?).to eq(false) end @@ -94,7 +94,7 @@ expect(result.phishing_resistant?).to eq(false) expect(result.hspd12?).to eq(true) expect(result.identity_proofing?).to eq(true) - expect(result.biometric_comparison?).to eq(false) + expect(result.facial_match?).to eq(false) expect(result.ialmax?).to eq(false) expect(result.enhanced_ipp?).to eq(false) end diff --git a/spec/support/features/doc_auth_helper.rb b/spec/support/features/doc_auth_helper.rb index 96b850afec1..264cee35488 100644 --- a/spec/support/features/doc_auth_helper.rb +++ b/spec/support/features/doc_auth_helper.rb 
@@ -97,12 +97,12 @@ def complete_doc_auth_steps_before_document_capture_step(expect_accessible: fals end def complete_up_to_how_to_verify_step_for_opt_in_ipp(remote: true, - biometric_comparison_required: false) + facial_match_required: false) complete_doc_auth_steps_before_welcome_step complete_welcome_step complete_agreement_step if remote - if biometric_comparison_required + if facial_match_required click_on t('forms.buttons.continue_remote_selfie') else click_on t('forms.buttons.continue_remote') diff --git a/spec/support/features/idv_helper.rb b/spec/support/features/idv_helper.rb index 5aeb79925e0..9be0e693533 100644 --- a/spec/support/features/idv_helper.rb +++ b/spec/support/features/idv_helper.rb @@ -142,7 +142,7 @@ def visit_idp_from_oidc_sp_with_ial2( state: SecureRandom.hex, nonce: SecureRandom.hex, verified_within: nil, - biometric_comparison_required: nil + facial_match_required: nil ) params = { client_id:, @@ -155,7 +155,7 @@ def visit_idp_from_oidc_sp_with_ial2( verified_within:, } - if biometric_comparison_required + if facial_match_required params[:vtr] = ['C1.P1.Pb'].to_json else params[:acr_values] = Saml::Idp::Constants::IAL2_AUTHN_CONTEXT_CLASSREF diff --git a/spec/support/features/idv_step_helper.rb b/spec/support/features/idv_step_helper.rb index e6a6011b541..51266c3b647 100644 --- a/spec/support/features/idv_step_helper.rb +++ b/spec/support/features/idv_step_helper.rb @@ -13,9 +13,9 @@ def self.included(base) end end - def start_idv_from_sp(sp = :oidc, biometric_comparison_required: nil) + def start_idv_from_sp(sp = :oidc, facial_match_required: nil) if sp.present? - visit_idp_from_sp_with_ial2(sp, biometric_comparison_required:) + visit_idp_from_sp_with_ial2(sp, facial_match_required:) else visit root_path end diff --git a/spec/support/oidc_auth_helper.rb b/spec/support/oidc_auth_helper.rb index 76e0b626b35..e8aaa703e2b 100644 --- a/spec/support/oidc_auth_helper.rb +++ b/spec/support/oidc_auth_helper.rb 
@@ -87,7 +87,7 @@ def ial2_params( nonce: SecureRandom.hex, client_id: OIDC_ISSUER, acr_values: Saml::Idp::Constants::IAL2_AUTHN_CONTEXT_CLASSREF, - biometric_comparison_required: false + facial_match_required: false ) ial2_params = { client_id: client_id, @@ -99,7 +99,7 @@ def ial2_params( } ial2_params[:prompt] = prompt if prompt - if biometric_comparison_required + if facial_match_required ial2_params[:vtr] = ['C1.P1.Pb'].to_json else ial2_params[:acr_values] = acr_values diff --git a/spec/views/accounts/_identity_verification.html.erb_spec.rb b/spec/views/accounts/_identity_verification.html.erb_spec.rb index 7a925ef168d..436621dae2b 100644 --- a/spec/views/accounts/_identity_verification.html.erb_spec.rb +++ b/spec/views/accounts/_identity_verification.html.erb_spec.rb @@ -61,7 +61,7 @@ end end - context 'with partner requesting non-biometric verification' do + context 'with partner requesting non-facial match verification' do let(:sp_name) { 'Example SP' } let(:vtr) { ['C2.P1'] } @@ -152,7 +152,7 @@ end end - context 'with non-biometric proofed user' do + context 'with non-facial match proofed user' do let(:user) { build(:user, :proofed) } it 'shows verified badge' do @@ -201,7 +201,7 @@ end end - context 'with partner requesting biometric verification' do + context 'with partner requesting facial match verification' do let(:sp_name) { 'Example SP' } let(:vtr) { ['C2.Pb'] } @@ -221,7 +221,7 @@ end end - context 'with non-biometric proofed user' do + context 'with non-facial match proofed user' do let(:user) { build(:user, :proofed) } it 'shows unverified badge' do @@ -234,7 +234,7 @@ t( 'account.index.verification.nonbiometric_verified_html', app_name: APP_NAME, - date: @presenter.formatted_nonbiometric_idv_date, + date: @presenter.formatted_legacy_idv_date, ), ), ) @@ -261,7 +261,7 @@ end end - context 'with biometric proofed user' do + context 'with facial match proofed user' do let(:user) { build(:user, :proofed_with_selfie) } it 'shows verified badge' do