From fe3d6679eb24b186210a8062c4c669a3b4dd5224 Mon Sep 17 00:00:00 2001 From: Vraj Mohan Date: Wed, 2 Oct 2024 13:51:13 -0700 Subject: [PATCH 01/11] Move FACIAL_MATCH_IDV_LEVELS constant to Profile (#11306) * Move FACIAL_MATCH_IDV_LEVELS constant to Profile See https://gitlab.login.gov/lg-people/Melba/backlog-fy24/-/issues/118 changelog: Internal, Refactoring, Move constant to appropriate owner Co-authored-by: Zach Margolis --- app/models/profile.rb | 4 +++- app/models/user.rb | 4 +--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/app/models/profile.rb b/app/models/profile.rb index 3eece1614e7..b4c6a2fd5e9 100644 --- a/app/models/profile.rb +++ b/app/models/profile.rb @@ -1,6 +1,8 @@ # frozen_string_literal: true class Profile < ApplicationRecord + FACIAL_MATCH_IDV_LEVELS = %w[unsupervised_with_selfie in_person].to_set.freeze + belongs_to :user # rubocop:disable Rails/InverseOf belongs_to :initiating_service_provider, @@ -310,7 +312,7 @@ def profile_age_in_seconds end def facial_match? - ::User::FACIAL_MATCH_IDV_LEVELS.include?(idv_level) + FACIAL_MATCH_IDV_LEVELS.include?(idv_level) end private diff --git a/app/models/user.rb b/app/models/user.rb index a30109699c5..5a6accc2dbe 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -25,8 +25,6 @@ class User < ApplicationRecord MAX_RECENT_EVENTS = 5 MAX_RECENT_DEVICES = 5 - FACIAL_MATCH_IDV_LEVELS = %w[unsupervised_with_selfie in_person].to_set.freeze - enum otp_delivery_preference: { sms: 0, voice: 1 } # rubocop:disable Rails/HasManyOrHasOneDependent @@ -377,7 +375,7 @@ def identity_verified? end def identity_verified_with_facial_match? - FACIAL_MATCH_IDV_LEVELS.include?(active_profile&.idv_level) + active_profile.present? && active_profile.facial_match? end # This user's most recently activated profile that has also been deactivated From 7741e167cd0568bff275e64bbd15270f78f0e8dc Mon Sep 17 00:00:00 2001 
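Review bot: `FACIAL_MATCH_IDV_LEVELS` in `app/models/profile.rb` is added without a comment, although it appears to decide which proofing levels make `facial_match?` true. Because a level left out of the set silently reads as "no facial match", and one added by mistake reads as verified, I would document the intent next to the constant, for example `# idv_level values that count as verified with a facial match; revisit whenever an idv_level is added`. The reason `in_person` belongs in the set is not visible in this hunk, so the comment should state it.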
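Review bot: In `app/models/user.rb`, `identity_verified_with_facial_match?` now evaluates `active_profile` twice, where the removed line evaluated it once. `active_profile` is defined outside this hunk, so whether it is memoized cannot be seen here; if it is not, this is an extra lookup per call. `active_profile&.facial_match? || false` keeps the boolean result with a single evaluation.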
From: A Shukla Date: Wed, 2 Oct 2024 16:17:42 -0500 Subject: [PATCH 02/11] LG-14169 visual and content changes to split doc auth (#11285) * changelog: Upcoming Features, split doc auth, visual and content changes for split doc auth capture pages * Rebasing with updated main * Fixing ratio issue on resubmit doc auth page --- .../components/_file-input.scss | 24 ++++++++++++++++++- .../components/documents-step.tsx | 16 ++----------- .../components/file-input.tsx | 2 ++ .../components/selfie-step.tsx | 7 +----- config/locales/en.yml | 18 +++++++------- config/locales/es.yml | 14 +++++------ config/locales/fr.yml | 18 +++++++------- config/locales/zh.yml | 18 +++++++------- .../idv/doc_auth/document_capture_spec.rb | 16 ++++++++----- .../documents-and-selfie-step-spec.tsx | 4 ++-- 10 files changed, 74 insertions(+), 63 deletions(-) diff --git a/app/javascript/packages/document-capture/components/_file-input.scss b/app/javascript/packages/document-capture/components/_file-input.scss index 1b40bc4e61e..e1e6e31784e 100644 --- a/app/javascript/packages/document-capture/components/_file-input.scss +++ b/app/javascript/packages/document-capture/components/_file-input.scss @@ -17,6 +17,18 @@ border-width: 3px; } +usa-file-input:not( + .usa-file-input--has-value, + .usa-file-input--value-pending, + .usa-file-input--is-id-capture + ) + .usa-form-group--success + .usa-file-input + .usa-file-input__target { + height: 21rem; + width: 12rem; +} + .usa-file-input:not(.usa-file-input--has-value, .usa-file-input--value-pending) { .usa-file-input__target { border-color: color('primary'); @@ -75,7 +87,17 @@ width: 100%; } } - +.usa-file-input.usa-file-input--single-value:not(.usa-file-input--is-id-capture) { + .usa-file-input__preview { + width: 12rem; + } + .usa-file-input__target { + width: 12rem; + } + .usa-file-input__preview-image { + width: 12rem; + } +} .usa-file-input__input:not([disabled]):focus { outline: 3px solid color('primary'); outline-offset: 6px; 
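Review bot: The first rule added to `_file-input.scss` opens with `usa-file-input:not(` with no leading dot, so it is a type selector for an element named `usa-file-input` rather than the `.usa-file-input` class the rest of the file targets. Unless such an element exists, the `height: 21rem; width: 12rem;` declarations never apply; the selector should probably start `.usa-file-input:not(`. In the second hunk, the new `.usa-file-input.usa-file-input--single-value:not(.usa-file-input--is-id-capture)` block replaces the blank line that separated the neighbouring rules, so a blank line before and after it would match the file's layout.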
diff --git a/app/javascript/packages/document-capture/components/documents-step.tsx b/app/javascript/packages/document-capture/components/documents-step.tsx index a46f033831c..8fbeafbc196 100644 --- a/app/javascript/packages/document-capture/components/documents-step.tsx +++ b/app/javascript/packages/document-capture/components/documents-step.tsx @@ -1,11 +1,10 @@ import { useContext } from 'react'; import { useI18n } from '@18f/identity-react-i18n'; import { FormStepComponentProps, FormStepsButton } from '@18f/identity-form-steps'; -import { PageHeading } from '@18f/identity-components'; import { Cancel } from '@18f/identity-verify-flow'; import HybridDocCaptureWarning from './hybrid-doc-capture-warning'; import TipList from './tip-list'; -import { DeviceContext, SelfieCaptureContext, UploadContext } from '../context'; +import { DeviceContext, UploadContext } from '../context'; import { ImageValue, DefaultSideProps, @@ -41,13 +40,7 @@ export function DocumentsCaptureStep({ export function DocumentCaptureSubheaderOne() { const { t } = useI18n(); - return ( -

-
- {'1. '} - {t('doc_auth.headings.document_capture_subheader_id')} -

- ); + return

{t('doc_auth.headings.document_capture')}

; } export default function DocumentsStep({ @@ -60,10 +53,6 @@ export default function DocumentsStep({ const { t } = useI18n(); const { isMobile } = useContext(DeviceContext); const { flowPath } = useContext(UploadContext); - const { isSelfieCaptureEnabled } = useContext(SelfieCaptureContext); - const pageHeaderText = isSelfieCaptureEnabled - ? t('doc_auth.headings.document_capture_with_selfie') - : t('doc_auth.headings.document_capture'); const defaultSideProps: DefaultSideProps = { registerField, onChange, @@ -73,7 +62,6 @@ export default function DocumentsStep({ return ( <> {flowPath === 'hybrid' && } - {pageHeaderText} ) { // they don't have a preview. This shows the name of the file in the upload // box (using the existing preview) when the file name ends with .yml const isYAMLFile: boolean = value instanceof window.File && value.name.endsWith('.yml'); + const isIdCapture: boolean = !(label === t('doc_auth.headings.document_capture_selfie')); /** * In response to a file input change event, confirms that the file is valid before calling @@ -387,6 +388,7 @@ function FileInput(props: FileInputProps, ref: ForwardedRef) { isDraggingOver && 'usa-file-input--drag', value && !isValuePending && 'usa-file-input--has-value', isValuePending && 'usa-file-input--value-pending', + isIdCapture && 'usa-file-input--is-id-capture', ] .filter(Boolean) .join(' ')} diff --git a/app/javascript/packages/document-capture/components/selfie-step.tsx b/app/javascript/packages/document-capture/components/selfie-step.tsx index 1acffbc28f5..20a930e1d96 100644 --- a/app/javascript/packages/document-capture/components/selfie-step.tsx +++ b/app/javascript/packages/document-capture/components/selfie-step.tsx 
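Review bot: `isIdCapture` in `FileInput` is derived by comparing the rendered `label` with the translated string `t('doc_auth.headings.document_capture_selfie')`, which ties layout to copy. A selfie input whose label uses a different key, or a label that is not a plain string, would silently receive `usa-file-input--is-id-capture`. An explicit optional prop on `FileInputProps`, set by the caller, would be sturdier. If the comparison stays, write it as `label !== t('doc_auth.headings.document_capture_selfie')` and add a comment such as `// Selfie inputs are recognised by their label; keep in sync with document_capture_selfie`. The header lines of this hunk are not visible in the extract, and the body of `FileInput` continues outside it.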
@@ -5,7 +5,6 @@ import { FormStepsButton, FormStepsContext, } from '@18f/identity-form-steps'; -import { PageHeading } from '@18f/identity-components'; import { Cancel } from '@18f/identity-verify-flow'; import HybridDocCaptureWarning from './hybrid-doc-capture-warning'; import DocumentSideAcuantCapture from './document-side-acuant-capture'; @@ -29,8 +28,7 @@ export function SelfieCaptureStep({ const { t } = useI18n(); return ( <> -
-

2. {t('doc_auth.headings.document_capture_subheader_selfie')}

+

{t('doc_auth.headings.document_capture_subheader_selfie')}

{t('doc_auth.info.selfie_capture_content')}

{}, registerField = () => undefined, }: FormStepComponentProps) { - const { t } = useI18n(); const { isLastStep } = useContext(FormStepsContext); const { flowPath } = useContext(UploadContext); - const pageHeaderText = t('doc_auth.headings.document_capture_with_selfie'); const defaultSideProps: DefaultSideProps = { registerField, @@ -74,7 +70,6 @@ export default function SelfieStep({ return ( <> {flowPath === 'hybrid' && } - {pageHeaderText} { level: 2, }); const selfieHeader = getByRole('heading', { - name: '2. doc_auth.headings.document_capture_subheader_selfie', - level: 2, + name: 'doc_auth.headings.document_capture_subheader_selfie', + level: 1, }); expect(front).to.be.ok(); expect(back).to.be.ok(); From 9ceb21a6abd8c6a2f45029a8ff9122ca97c69fd7 Mon Sep 17 00:00:00 2001 From: "Davida (she/they)" Date: Wed, 2 Oct 2024 19:51:19 -0400 Subject: [PATCH 03/11] More renaming to Facial Matching (#11304) * changelog: Internal, Facial Match, Update language --- app/controllers/test/oidc_test_controller.rb | 10 +++++----- app/services/analytics_events.rb | 14 +++++++------- app/services/saml_request_validator.rb | 4 ++-- app/services/vot/supported_component_values.rb | 2 +- app/views/accounts/_identity_verification.html.erb | 8 ++++---- app/views/test/oidc_test/index.html.erb | 2 +- config/locales/en.yml | 8 ++++---- config/locales/es.yml | 8 ++++---- config/locales/fr.yml | 8 ++++---- config/locales/zh.yml | 8 ++++---- docs/sdk-upgrade.md | 2 +- .../_identity_verification.html.erb_spec.rb | 9 ++++++--- 12 files changed, 43 insertions(+), 40 deletions(-) diff --git a/app/controllers/test/oidc_test_controller.rb b/app/controllers/test/oidc_test_controller.rb index 246d7321bb1..8a672ddc4d7 100644 --- a/app/controllers/test/oidc_test_controller.rb +++ b/app/controllers/test/oidc_test_controller.rb 
@@ -5,7 +5,7 @@ module Test class OidcTestController < ApplicationController include OidcAuthHelper - BIOMETRIC_REQUIRED = 'biometric-comparison-required' + FACIAL_MATCH_REQUIRED = 'facial-match-required' def initialize @client_id = 'urn:gov:gsa:openidconnect:sp:sinatra' @@ -14,7 +14,7 @@ def initialize def index # default to require - @start_url_selfie = "#{test_oidc_auth_request_url}?ial=biometric-comparison-required" + @start_url_selfie = "#{test_oidc_auth_request_url}?ial=#{FACIAL_MATCH_REQUIRED}" @start_url_ial2 = "#{test_oidc_auth_request_url}?ial=2" @start_url_ial1 = "#{test_oidc_auth_request_url}?ial=1" update_service_provider @@ -46,7 +46,7 @@ def authorization_url(ial:, aal: nil) params = ial2_params( client_id: client_id, acr_values: acr_values(ial: ial, aal: aal), - biometric_comparison_required: ial == BIOMETRIC_REQUIRED, + facial_match_required: ial == FACIAL_MATCH_REQUIRED, state: random_value, nonce: random_value, ) @@ -70,7 +70,7 @@ def scopes_for(ial) 'openid email social_security_number' when '1', nil 'openid email' - when '2', BIOMETRIC_REQUIRED + when '2', FACIAL_MATCH_REQUIRED 'openid email profile social_security_number phone address' else raise ArgumentError.new("Unexpected IAL: #{ial.inspect}") @@ -84,7 +84,7 @@ def acr_values(ial:, aal:) '' => 'http://idmanagement.gov/ns/assurance/ial/1', '1' => 'http://idmanagement.gov/ns/assurance/ial/1', '2' => 'http://idmanagement.gov/ns/assurance/ial/2', - 'biometric-comparison-required' => 'http://idmanagement.gov/ns/assurance/ial/2', + 'facial-match-required' => 'http://idmanagement.gov/ns/assurance/ial/2', }[ial] aal_value = { '2' => 'http://idmanagement.gov/ns/assurance/aal/2', diff --git a/app/services/analytics_events.rb b/app/services/analytics_events.rb index ff15a1fec48..7984c50eec1 100644 --- a/app/services/analytics_events.rb +++ b/app/services/analytics_events.rb 
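Review bot: `authorization_url` now passes `facial_match_required:` to `ial2_params`, but that helper is not defined in this file and no helper file appears in the patch's diffstat. If it still expects `biometric_comparison_required`, the call would either raise or drop the flag, so confirm the keyword was renamed elsewhere. In the same file, `acr_values` keeps the literal `'facial-match-required' =>` as a hash key while `index` and `scopes_for` use the new constant; `FACIAL_MATCH_REQUIRED => 'http://idmanagement.gov/ns/assurance/ial/2',` would keep the three in step. The method bodies extend beyond the hunks shown.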
@@ -1163,7 +1163,7 @@ def idv_doc_auth_agreement_visited( # @param [String] step Current IdV step # @param [String] analytics_id Current IdV flow identifier # @param ["hybrid","standard"] flow_path Document capture user flow - # @param [Boolean] liveness_checking_required Whether biometric selfie check is required + # @param [Boolean] liveness_checking_required Whether facial match check is required def idv_doc_auth_capture_complete_visited( step:, analytics_id:, @@ -1186,8 +1186,8 @@ def idv_doc_auth_capture_complete_visited( # @param [Hash] errors Errors resulting from form validation # @param [String] step Current IdV step # @param [String] analytics_id Current IdV flow identifier - # @param [Boolean] liveness_checking_required Whether biometric selfie check is required - # @param [Boolean] selfie_check_required Whether biometric selfie check is required + # @param [Boolean] liveness_checking_required Whether facial match check is required + # @param [Boolean] selfie_check_required Whether facial match check is required # @param ["hybrid","standard"] flow_path Document capture user flow # @param [Boolean] redo_document_capture Whether user is redoing document capture after barcode # warning @@ -1234,8 +1234,8 @@ def idv_doc_auth_document_capture_submitted( # @param [String] analytics_id Current IdV flow identifier # @param [Boolean] redo_document_capture Whether user is redoing document capture after barcode # warning - # @param [Boolean] liveness_checking_required Whether biometric selfie check is required - # @param [Boolean] selfie_check_required Whether biometric selfie check is required + # @param [Boolean] liveness_checking_required Whether facial match check is required + # @param [Boolean] selfie_check_required Whether facial match check is required # @param ["hybrid","standard"] flow_path Document capture user flow # @param [String] acuant_sdk_upgrade_ab_test_bucket A/B test bucket for Acuant document capture # SDK upgrades 
@@ -1354,7 +1354,7 @@ def idv_doc_auth_how_to_verify_visited( # @param [String] analytics_id Current IdV flow identifier # @param [Boolean] redo_document_capture Whether user is redoing document capture after barcode # warning - # @param [Boolean] selfie_check_required Whether biometric selfie check is required + # @param [Boolean] selfie_check_required Whether facial match check is required # @param ["document_capture","send_link"] destination Where user is sent after submission # @param ["hybrid","standard"] flow_path Document capture user flow # @param [String] acuant_sdk_upgrade_ab_test_bucket A/B test bucket for Acuant document capture @@ -1401,7 +1401,7 @@ def idv_doc_auth_hybrid_handoff_submitted( # @param [String] analytics_id Current IdV flow identifier # @param [Boolean] redo_document_capture Whether user is redoing document capture after barcode # warning - # @param [Boolean] selfie_check_required Whether biometric selfie check is required + # @param [Boolean] selfie_check_required Whether facial match check is required # @param [String] acuant_sdk_upgrade_ab_test_bucket A/B test bucket for Acuant document capture # SDK upgrades # @param [Boolean] skip_hybrid_handoff Whether skipped hybrid handoff A/B test is active diff --git a/app/services/saml_request_validator.rb b/app/services/saml_request_validator.rb index cf08513247d..740d67a5f60 100644 --- a/app/services/saml_request_validator.rb +++ b/app/services/saml_request_validator.rb 
@@ -61,7 +61,7 @@ def authorized_authn_context if !valid_authn_context? || (identity_proofing_requested? && !service_provider.identity_proofing_allowed?) || (ial_max_requested? && !service_provider.ialmax_allowed?) || - (biometric_ial_requested? && !service_provider.facial_match_ial_allowed?) || + (facial_match_ial_requested? && !service_provider.facial_match_ial_allowed?) || (semantic_authn_contexts_requested? && !service_provider.semantic_authn_contexts_allowed?) errors.add(:authn_context, :unauthorized_authn_context, type: :unauthorized_authn_context) end @@ -116,7 +116,7 @@ def ial_max_requested? Array(authn_context).include?(Saml::Idp::Constants::IALMAX_AUTHN_CONTEXT_CLASSREF) end - def biometric_ial_requested? + def facial_match_ial_requested? Array(authn_context).any? { |ial| Saml::Idp::Constants::FACIAL_MATCH_IAL_CONTEXTS.include? ial } end diff --git a/app/services/vot/supported_component_values.rb b/app/services/vot/supported_component_values.rb index 01c4edd7825..4c340703db4 100644 --- a/app/services/vot/supported_component_values.rb +++ b/app/services/vot/supported_component_values.rb @@ -34,7 +34,7 @@ module SupportedComponentValues ).freeze Pb = ComponentValue.new( name: 'Pb', - description: 'A biometric comparison is required as part of identity proofing', + description: 'A facial match is required as part of identity proofing', implied_component_values: ['P1'], requirements: [:facial_match, :two_pieces_of_fair_evidence], ).freeze diff --git a/app/views/accounts/_identity_verification.html.erb b/app/views/accounts/_identity_verification.html.erb index 0b2c6c5e4c5..80286e1ec4b 100644 --- a/app/views/accounts/_identity_verification.html.erb +++ b/app/views/accounts/_identity_verification.html.erb @@ -4,7 +4,7 @@
<% if @presenter.active_profile_for_authn_context? %> - <%= render TooltipComponent.new(tooltip_text: @presenter.identity_verified_with_facial_match? ? t('account.index.verification.verified_biometric_badge_tooltip') : t('account.index.verification.verified_badge_tooltip')) do %> + <%= render TooltipComponent.new(tooltip_text: @presenter.identity_verified_with_facial_match? ? t('account.index.verification.verified_facial_match_badge_tooltip') : t('account.index.verification.verified_badge_tooltip')) do %> <%= render BadgeComponent.new(icon: :check_circle).with_content(t('account.index.verification.verified_badge')) %> <% end %> <% elsif @presenter.pending_gpo? || @presenter.pending_ipp? %> @@ -23,12 +23,12 @@

<% if @presenter.active_profile_for_authn_context? %> <% if @presenter.identity_verified_with_facial_match? %> - <%= t('account.index.verification.you_verified_your_biometric_identity', app_name: APP_NAME) %> + <%= t('account.index.verification.you_verified_your_facial_match_identity', app_name: APP_NAME) %> <% else %> <%= t('account.index.verification.you_verified_your_identity_html', sp_name: @presenter.user.active_profile.initiating_service_provider&.friendly_name || APP_NAME) %> <% end %> <% elsif @presenter.active_profile? %> - <%= t('account.index.verification.nonbiometric_verified_html', app_name: APP_NAME, date: @presenter.formatted_legacy_idv_date) %> + <%= t('account.index.verification.legacy_verified_html', app_name: APP_NAME, date: @presenter.formatted_legacy_idv_date) %> <% elsif @presenter.sp_name || @presenter.user.pending_profile.initiating_service_provider %> <%= t('account.index.verification.finish_verifying_html', sp_name: @presenter.sp_name || @presenter.user.pending_profile.initiating_service_provider.friendly_name) %> <% else %> @@ -43,7 +43,7 @@ <% if @presenter.active_profile? && !@presenter.active_profile_for_authn_context? %>

- <%= t('account.index.verification.verify_with_biometric_html', sp_name: @presenter.sp_name) %> + <%= t('account.index.verification.verify_with_facial_match_html', sp_name: @presenter.sp_name) %>

<%= new_tab_link_to t('account.index.verification.learn_more_link'), help_center_redirect_path(category: 'verify-your-identity', article: 'overview', flow: :account_show, location: :idv) %> diff --git a/app/views/test/oidc_test/index.html.erb b/app/views/test/oidc_test/index.html.erb index 8b15eadb9e7..99d1c41da47 100644 --- a/app/views/test/oidc_test/index.html.erb +++ b/app/views/test/oidc_test/index.html.erb @@ -2,6 +2,6 @@

OIDC Test Controller

-<%= link_to 'Sign in with Biometric', @start_url_selfie, class: 'sign-in-bttn' %>

+<%= link_to 'Sign in with Facial Match', @start_url_selfie, class: 'sign-in-bttn' %>

<%= link_to 'Sign in with IAL2', @start_url_ial2, class: 'sign-in-bttn' %>

<%= link_to 'Sign in with IAL1', @start_url_ial1, class: 'sign-in-bttn' %> diff --git a/config/locales/en.yml b/config/locales/en.yml index 49f1cedb0fc..55de5f03f28 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -80,7 +80,7 @@ account.index.verification.identity_verification: Identity verification account.index.verification.in_person_instructions_html: You must visit any participating Post Office by %{deadline} to verify your identity. account.index.verification.instructions: Enter your verification code to finish verifying your identity. account.index.verification.learn_more_link: Learn more about verifying your identity -account.index.verification.nonbiometric_verified_html: You verified your identity with %{app_name} on %{date} using your state ID. +account.index.verification.legacy_verified_html: You verified your identity with %{app_name} on %{date} using your state ID. account.index.verification.pending_badge: Pending account.index.verification.pending_badge_tooltip: Your identity is pending verification. account.index.verification.reactivate_button: Enter the verification code you received via US mail 
@@ -90,9 +90,9 @@ account.index.verification.unverified_badge: Unverified account.index.verification.unverified_badge_tooltip: Finish verifying your identity. account.index.verification.verified_badge: Verified account.index.verification.verified_badge_tooltip: Your identity has been verified. -account.index.verification.verified_biometric_badge_tooltip: Your identity and photo have both been verified. -account.index.verification.verify_with_biometric_html: To access %{sp_name}, verify your identity again using a photo of yourself. -account.index.verification.you_verified_your_biometric_identity: You have verified your identity with the information below and verified a photo of yourself which gives you access to all %{app_name} partners. +account.index.verification.verified_facial_match_badge_tooltip: Your identity and photo have both been verified. +account.index.verification.verify_with_facial_match_html: To access %{sp_name}, verify your identity again using a photo of yourself. +account.index.verification.you_verified_your_facial_match_identity: You have verified your identity with the information below and verified a photo of yourself which gives you access to all %{app_name} partners. account.index.verification.you_verified_your_identity_html: You verified your identity for %{sp_name} with the information below. account.index.webauthn: Security key account.index.webauthn_add: Add security key diff --git a/config/locales/es.yml b/config/locales/es.yml index c9a6c9c849d..da9abfb4908 100644 --- a/config/locales/es.yml +++ b/config/locales/es.yml 
@@ -80,7 +80,7 @@ account.index.verification.identity_verification: Verificación de identidad account.index.verification.in_person_instructions_html: Para terminar de verificar su identidad, debe acudir a una oficina de correos participante antes del %{deadline}. account.index.verification.instructions: Ingrese su código de verificación para terminar de verificar su identidad. account.index.verification.learn_more_link: Obtenga más información sobre la verificación de su identidad -account.index.verification.nonbiometric_verified_html: El %{date}, usted verificó su identidad con %{app_name} usando su identificación estatal. +account.index.verification.legacy_verified_html: El %{date}, usted verificó su identidad con %{app_name} usando su identificación estatal. account.index.verification.pending_badge: Pendiente account.index.verification.pending_badge_tooltip: La verificación de su identidad está pendiente account.index.verification.reactivate_button: Ingrese el código de verificación que recibió por correo de los EE. UU. 
@@ -90,9 +90,9 @@ account.index.verification.unverified_badge: No verificada account.index.verification.unverified_badge_tooltip: Termine de verificar su identidad. account.index.verification.verified_badge: Verificada account.index.verification.verified_badge_tooltip: Se verificó su identidad. -account.index.verification.verified_biometric_badge_tooltip: Se verificó tanto su identidad como su fotografía. -account.index.verification.verify_with_biometric_html: Para acceder a la %{sp_name}, verifique su identidad de nuevo usando una foto de usted. -account.index.verification.you_verified_your_biometric_identity: Usted verificó su identidad con la información siguiente y verificó una fotografía suya, lo cual le da acceso a todos los asociados de %{app_name}. +account.index.verification.verified_facial_match_badge_tooltip: Se verificó tanto su identidad como su fotografía. +account.index.verification.verify_with_facial_match_html: Para acceder a la %{sp_name}, verifique su identidad de nuevo usando una foto de usted. +account.index.verification.you_verified_your_facial_match_identity: Usted verificó su identidad con la información siguiente y verificó una fotografía suya, lo cual le da acceso a todos los asociados de %{app_name}. account.index.verification.you_verified_your_identity_html: Usted verificó su identidad para %{sp_name} con la información siguiente. account.index.webauthn: Clave de seguridad account.index.webauthn_add: Agregar clave de seguridad diff --git a/config/locales/fr.yml b/config/locales/fr.yml index fd54536a7ec..c478301fc28 100644 --- a/config/locales/fr.yml +++ b/config/locales/fr.yml 
@@ -80,7 +80,7 @@ account.index.verification.identity_verification: Vérification de l’identité account.index.verification.in_person_instructions_html: Vous devez vous rendre à un bureau de poste participant d’ici le %{deadline} pour terminer la procédure de vérification de votre identité. account.index.verification.instructions: Saisissez votre code de vérification pour terminer la procédure de vérification d’identité. account.index.verification.learn_more_link: En savoir plus sur la vérification de votre identité -account.index.verification.nonbiometric_verified_html: Vous avez confirmé votre identité sur %{app_name} le %{date} avec votre pièce d’identité d’État. +account.index.verification.legacy_verified_html: Vous avez confirmé votre identité sur %{app_name} le %{date} avec votre pièce d’identité d’État. account.index.verification.pending_badge: En cours account.index.verification.pending_badge_tooltip: Votre identité est en cours de vérification. account.index.verification.reactivate_button: Saisissez le code de vérification que vous avez reçu par la poste. 
@@ -90,9 +90,9 @@ account.index.verification.unverified_badge: Non vérifiée account.index.verification.unverified_badge_tooltip: Terminer la vérification de votre identité. account.index.verification.verified_badge: Vérifiée account.index.verification.verified_badge_tooltip: Votre identité a été vérifiée. -account.index.verification.verified_biometric_badge_tooltip: Votre identité et votre photo ont été vérifiées. -account.index.verification.verify_with_biometric_html: Pour accéder à %{sp_name}, confirmez à nouveau votre identité à l’aide d’une photo de vous-même. -account.index.verification.you_verified_your_biometric_identity: Vous avez confirmé votre identité à l’aide des informations ci-dessous et d’une photo de vous-même, ce qui vous permet d’accéder à tous les organismes partenaires de %{app_name}. +account.index.verification.verified_facial_match_badge_tooltip: Votre identité et votre photo ont été vérifiées. +account.index.verification.verify_with_facial_match_html: Pour accéder à %{sp_name}, confirmez à nouveau votre identité à l’aide d’une photo de vous-même. +account.index.verification.you_verified_your_facial_match_identity: Vous avez confirmé votre identité à l’aide des informations ci-dessous et d’une photo de vous-même, ce qui vous permet d’accéder à tous les organismes partenaires de %{app_name}. account.index.verification.you_verified_your_identity_html: Vous avez confirmé votre identité auprès de %{sp_name} à l’aide des informations ci-dessous. account.index.webauthn: Clé de sécurité account.index.webauthn_add: Ajouter une clé de sécurité diff --git a/config/locales/zh.yml b/config/locales/zh.yml index 844a78f63d4..f29b3e95e17 100644 --- a/config/locales/zh.yml +++ b/config/locales/zh.yml 
@@ -80,7 +80,7 @@ account.index.verification.identity_verification: 身份验证 account.index.verification.in_person_instructions_html: 你必须在 %{deadline} 之前去邮局完成验证你的身份。 account.index.verification.instructions: 输入你的验证码来完成身份验证。 account.index.verification.learn_more_link: 了解更多有关验证你身份的信息。 -account.index.verification.nonbiometric_verified_html: 你在 %{date} 使用州颁发的身份证件在%{app_name} 验证了身份。 +account.index.verification.legacy_verified_html: 你在 %{date} 使用州颁发的身份证件在%{app_name} 验证了身份。 account.index.verification.pending_badge: 待验证 account.index.verification.pending_badge_tooltip: 你的身份有待验证。 account.index.verification.reactivate_button: 输入你通过邮局收到的验证码。 @@ -90,9 +90,9 @@ account.index.verification.unverified_badge: 未验证 account.index.verification.unverified_badge_tooltip: 完成验证你的身份。 account.index.verification.verified_badge: 已验证 account.index.verification.verified_badge_tooltip: 你的身份已经验证。 -account.index.verification.verified_biometric_badge_tooltip: 你的身份和照片都已验证。 -account.index.verification.verify_with_biometric_html: 要访问 %{sp_name},请使用你本人照片再次验证身份。 -account.index.verification.you_verified_your_biometric_identity: 你使用以下信息验证了身份并验证了一张你本人的照片,从而获得了访问%{app_name}所有合作伙伴机构的权限。 +account.index.verification.verified_facial_match_badge_tooltip: 你的身份和照片都已验证。 +account.index.verification.verify_with_facial_match_html: 要访问 %{sp_name},请使用你本人照片再次验证身份。 +account.index.verification.you_verified_your_facial_match_identity: 你使用以下信息验证了身份并验证了一张你本人的照片,从而获得了访问%{app_name}所有合作伙伴机构的权限。 account.index.verification.you_verified_your_identity_html: 你使用以下信息向 %{sp_name} 验证了身份。 account.index.webauthn: 安全密钥 account.index.webauthn_add: 添加安全密钥 diff --git a/docs/sdk-upgrade.md b/docs/sdk-upgrade.md index b19f0dc23a0..6053a5c02ce 100644 --- a/docs/sdk-upgrade.md +++ b/docs/sdk-upgrade.md 
@@ -56,7 +56,7 @@ Steps: 1. Look at the [Testing Considerations](#testing-considerations) for other ideas on what you might want to test. 1. Here is a sample plan: - For each combination of devices and browsers above: - 1. Locally go to `/test/oidc/login` and choose `biometrics` + 1. Locally go to `/test/oidc/login` and choose `facial match` 1. First test document capture 1. On your phone, tap to photograph your state ID card 1. Point the camera at the card diff --git a/spec/views/accounts/_identity_verification.html.erb_spec.rb b/spec/views/accounts/_identity_verification.html.erb_spec.rb index 436621dae2b..84c3eb44426 100644 --- a/spec/views/accounts/_identity_verification.html.erb_spec.rb +++ b/spec/views/accounts/_identity_verification.html.erb_spec.rb @@ -232,14 +232,14 @@ expect(rendered).to have_content( strip_tags( t( - 'account.index.verification.nonbiometric_verified_html', + 'account.index.verification.legacy_verified_html', app_name: APP_NAME, date: @presenter.formatted_legacy_idv_date, ), ), ) expect(rendered).to have_content( - strip_tags(t('account.index.verification.verify_with_biometric_html', sp_name:)), + strip_tags(t('account.index.verification.verify_with_facial_match_html', sp_name:)), ) expect(rendered).to have_link( t('account.index.verification.learn_more_link'), @@ -270,7 +270,10 @@ it 'shows content confirming verified identity' do expect(rendered).to have_content( - t('account.index.verification.you_verified_your_biometric_identity', app_name: APP_NAME), + t( + 'account.index.verification.you_verified_your_facial_match_identity', + app_name: APP_NAME, + ), ) expect(rendered).to have_link( t('account.index.verification.learn_more_link'), From 9a81e195fcb497331de6b64d9e42503f5d65e107 Mon Sep 17 00:00:00 2001 
From: Gina <125507397+gina-yamada@users.noreply.github.com> Date: Thu, 3 Oct 2024 09:38:16 -0400 Subject: [PATCH 04/11] LG-14290- Add step indicator to How To Verify View (#11298) * Add step indicator to how to verify view * changelog: User-Facing Improvements, In-person proofing, Add step indicator to how to verify view --- app/views/idv/how_to_verify/show.html.erb | 10 ++++++++++ spec/views/idv/agreement/show.html.erb_spec.rb | 7 +++++++ spec/views/idv/how_to_verify/show.html.erb_spec.rb | 14 ++++++++++++++ 3 files changed, 31 insertions(+) diff --git a/app/views/idv/how_to_verify/show.html.erb b/app/views/idv/how_to_verify/show.html.erb index 2699c68fe16..09c9c68247f 100644 --- a/app/views/idv/how_to_verify/show.html.erb +++ b/app/views/idv/how_to_verify/show.html.erb @@ -1,4 +1,14 @@ +<% content_for(:pre_flash_content) do %> + <%= render StepIndicatorComponent.new( + steps: Idv::StepIndicatorConcern::STEP_INDICATOR_STEPS, + current_step: :getting_started, + locale_scope: 'idv', + class: 'margin-x-neg-2 margin-top-neg-4 tablet:margin-x-neg-6 tablet:margin-top-neg-4', + ) %> +<% end %> + <% self.title = t('doc_auth.headings.how_to_verify') %> + <%= render PageHeadingComponent.new.with_content(t('doc_auth.headings.how_to_verify')) %> <% if defined?(error) %> diff --git a/spec/views/idv/agreement/show.html.erb_spec.rb b/spec/views/idv/agreement/show.html.erb_spec.rb index 9e25775d867..ce7d4845d22 100644 --- a/spec/views/idv/agreement/show.html.erb_spec.rb +++ b/spec/views/idv/agreement/show.html.erb_spec.rb @@ -25,6 +25,13 @@ expect(rendered).to have_css(selector) end + it 'renders a step indicator with Getting started as the current step' do + expect(view.content_for(:pre_flash_content)).to have_css( + '.step-indicator__step--current', + text: t('step_indicator.flows.idv.getting_started'), + ) + end + it 'renders a link to the privacy & security page' do expect(rendered).to have_link( t('doc_auth.instructions.learn_more'), 
diff --git a/spec/views/idv/how_to_verify/show.html.erb_spec.rb b/spec/views/idv/how_to_verify/show.html.erb_spec.rb index 47eade62830..05c2be9fb51 100644 --- a/spec/views/idv/how_to_verify/show.html.erb_spec.rb +++ b/spec/views/idv/how_to_verify/show.html.erb_spec.rb @@ -18,6 +18,13 @@ end context 'renders the show template with' do + it('a step indicator with Getting started as the current step') do + expect(view.content_for(:pre_flash_content)).to have_css( + '.step-indicator__step--current', + text: t('step_indicator.flows.idv.getting_started'), + ) + end + it 'a title' do expect(rendered).to have_content(t('doc_auth.headings.how_to_verify')) end @@ -65,6 +72,13 @@ end context 'renders the show template with' do + it('a step indicator with Getting started as the current step') do + expect(view.content_for(:pre_flash_content)).to have_css( + '.step-indicator__step--current', + text: t('step_indicator.flows.idv.getting_started'), + ) + end + it 'a title' do expect(rendered).to have_content(t('doc_auth.headings.how_to_verify')) end From cca7669f6888cde7906d79bb9c4ee36f2d215d4c Mon Sep 17 00:00:00 2001 From: Matt Hinz Date: Thu, 3 Oct 2024 10:33:20 -0700 Subject: [PATCH 05/11] LG-14497: LQA updates (#11305) * Translate "digit" as "chiffres" in French * Add comma to Simplified Chinese translation There was a comma missing from the voice message used to communicate address verification OTPs. Note that the character here is a full width comma (U+FF0C). * changelog: User-Facing Improvements, Identity verification, Updates to French and Simplified Chinese translations * Remove telephony.format_type.digit from ALLOWED_UNTRANSLATED_KEYS --- config/locales/telephony/fr.yml | 2 +- config/locales/telephony/zh.yml | 2 +- spec/i18n_spec.rb | 1 - 3 files changed, 2 insertions(+), 3 deletions(-) diff --git a/config/locales/telephony/fr.yml b/config/locales/telephony/fr.yml index e0b94a582b7..f3b344787fc 100644 --- a/config/locales/telephony/fr.yml 
+++ b/config/locales/telephony/fr.yml @@ -39,6 +39,6 @@ fr: ten: dix format_type: character: caractères - digit: digit + digit: chiffres personal_key_regeneration_notice: Une nouvelle clé personnelle a été émise pour votre compte %{app_name}. Si cela ne vient pas de vous, réinitialisez votre mot de passe. personal_key_sign_in_notice: Votre clé personnelle vient d’être utilisée pour vous connecter à votre compte %{app_name}. Si cela ne vient pas de vous, réinitialisez votre mot de passe. diff --git a/config/locales/telephony/zh.yml b/config/locales/telephony/zh.yml index 1683435f04b..0eb5a838bbf 100644 --- a/config/locales/telephony/zh.yml +++ b/config/locales/telephony/zh.yml @@ -18,7 +18,7 @@ zh: %{app_name}: 你的一次性代码是 %{code}。此代码在 %{expiration} 分钟后作废。请勿与任何人分享此代码。 @%{domain} #%{code} - voice: 你好!你的%{format_length}%{format_type} %{app_name} 一次性代码是%{code}。你的一次性代码是 ,%{code}。重复一下,你的一次性代码是 %{code}。此代码 %{expiration} 分钟后会作废。 + voice: 你好!你的%{format_length}%{format_type} %{app_name} 一次性代码是,%{code}。你的一次性代码是 ,%{code}。重复一下,你的一次性代码是 %{code}。此代码 %{expiration} 分钟后会作废。 doc_auth_link: |- %{app_name}: %{link} 你在验证身份以访问 %{sp_or_app_name}。拍张你身份证件的照片以继续。 error: diff --git a/spec/i18n_spec.rb b/spec/i18n_spec.rb index 2fa507314f4..d84bf2abc83 100644 --- a/spec/i18n_spec.rb +++ b/spec/i18n_spec.rb @@ -70,7 +70,6 @@ class BaseTask { key: 'simple_form.no', locales: %i[es] }, # "No" is "No" in Spanish { key: 'telephony.format_length.six', locales: %i[zh] }, # numeral is not translated { key: 'telephony.format_length.ten', locales: %i[zh] }, # numeral is not translated - { key: 'telephony.format_type.digit', locales: %i[fr] }, { key: 'time.formats.event_date', locales: %i[es zh] }, { key: 'time.formats.event_time', locales: %i[es zh] }, { key: 'time.formats.event_timestamp', locales: %i[zh] }, From e11fde3a925b2c398c96a81bca6e0d541bdd7355 Mon Sep 17 00:00:00 2001 
From: A Shukla Date: Thu, 3 Oct 2024 15:25:34 -0500 Subject: [PATCH 06/11] LG-14067 Implement new attempts language in attempts screen (#11308) * changelog: User-Facing Improvements, doc auth attempts text, updating attempts messages * Fixing lint * Fixing variable issue --- config/locales/en.yml | 6 +++--- config/locales/es.yml | 6 +++--- config/locales/fr.yml | 6 +++--- config/locales/zh.yml | 6 +++--- 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/config/locales/en.yml b/config/locales/en.yml index 55de5f03f28..c0a7e672801 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -556,7 +556,7 @@ doc_auth.errors.phone_step_incomplete: You must go to your phone and upload phot doc_auth.errors.pii.birth_date_min_age: Your birthday does not meet the minimum age requirement. doc_auth.errors.rate_limited_heading: We couldn’t verify your ID doc_auth.errors.rate_limited_subheading: Try taking new pictures -doc_auth.errors.rate_limited_text_html: For your security, we limit the number of times you can attempt to verify a document online. Try again in %{timeout}. +doc_auth.errors.rate_limited_text_html: To prevent fraud, we limit the number of times someone can attempt to verify a document online. Try again in %{timeout}. doc_auth.errors.selfie_fail_heading: We couldn’t match the photo of yourself to your ID doc_auth.errors.selfie_not_live_or_poor_quality_heading: We could not verify the photo of yourself doc_auth.errors.send_link_limited: You tried too many times, please try again in %{timeout}. You can also go back and choose to use your computer instead. 
@@ -1016,8 +1016,8 @@ idv.errors.incorrect_password: The password you entered is not correct.
 idv.errors.pattern_mismatch.ssn: Enter a nine-digit Social Security number
 idv.errors.pattern_mismatch.zipcode: Enter a 5 or 9 digit ZIP Code
 idv.errors.pattern_mismatch.zipcode_five: Enter a 5 digit ZIP Code
-idv.failure.attempts_html.one: For security reasons, you have one attempt remaining to add your ID online.
-idv.failure.attempts_html.other: For security reasons, you have %{count} attempts remaining to add your ID online.
+idv.failure.attempts_html.one: You can try 1 more time. Then, you must wait 6 hours before trying again.
+idv.failure.attempts_html.other: You can try %{count} more times. Then, you must wait 6 hours before trying again.
 idv.failure.button.try_online: Try again online
 idv.failure.button.warning: Try again
 idv.failure.exceptions.in_person_outage_error_message.post_cta.body: In the meantime, you can still begin the in-person verification process on %{app_name} and then visit a Post Office. If you urgently need access to services, please contact your agency directly.
diff --git a/config/locales/es.yml b/config/locales/es.yml
index da9abfb4908..5f91a9c97f8 100644
--- a/config/locales/es.yml
+++ b/config/locales/es.yml
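Review bot: The new `idv.failure.attempts_html.one` and `idv.failure.attempts_html.other` strings hard-code the lockout as "6 hours", while `doc_auth.errors.rate_limited_text_html`, reworded by this same commit, takes the wait from `%{timeout}`. If the attempt window is configurable (the caller and configuration are not visible in this diff), changing it would leave this screen telling users the wrong wait time for a fraud-control lockout. Consider interpolating the duration, e.g. `idv.failure.attempts_html.other: You can try %{count} more times. Then, you must wait %{timeout} before trying again.`, with the view passing the same value the rate limiter uses. The same literal appears in the es.yml, fr.yml and zh.yml hunks for these two keys.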
@@ -567,7 +567,7 @@ doc_auth.errors.phone_step_incomplete: Debe ir a su teléfono y cargar fotos de
 doc_auth.errors.pii.birth_date_min_age: Su fecha de nacimiento no cumple con el requisito de edad mínima.
 doc_auth.errors.rate_limited_heading: No pudimos verificar su identificación
 doc_auth.errors.rate_limited_subheading: Intente tomar nuevas fotos
-doc_auth.errors.rate_limited_text_html: Por su seguridad, limitamos el número de veces que puede intentar verificar un documento en línea. Vuelva a intentarlo en %{timeout}.
+doc_auth.errors.rate_limited_text_html: Para evitar fraudes, limitamos el número de veces que puede intentar la verificación de un documento en línea. Vuelva a intentarlo en %{timeout}.
 doc_auth.errors.selfie_fail_heading: No hemos podido cotejar su foto con su identificación.
 doc_auth.errors.selfie_not_live_or_poor_quality_heading: No pudimos verificar su foto
 doc_auth.errors.send_link_limited: Lo intentó demasiadas veces; vuelva a intentarlo en %{timeout}. También puede volver atrás y elegir utilizar su computadora.
@@ -1027,8 +1027,8 @@ idv.errors.incorrect_password: La contraseña que ingresó no es la correcta.
 idv.errors.pattern_mismatch.ssn: Ingrese un número de Seguro Social de nueve dígitos.
 idv.errors.pattern_mismatch.zipcode: Ingrese un código postal de 5 o 9 dígitos.
 idv.errors.pattern_mismatch.zipcode_five: Ingrese un código postal de 5 dígitos.
-idv.failure.attempts_html.one: Por motivos de seguridad, le queda un intento para añadir su identificación en línea.
-idv.failure.attempts_html.other: Por motivos de seguridad, le quedan %{count} intentos para añadir su identificación en línea.
+idv.failure.attempts_html.one: Puede intentarlo una vez más. Luego, debe esperar 6 horas antes de volver a intentarlo.
+idv.failure.attempts_html.other: Puede intentarlo %{count} veces más. Luego, debe esperar 6 horas antes de volver a intentarlo.
 idv.failure.button.try_online: Vuelva a intentarlo en línea
 idv.failure.button.warning: Vuelva a intentarlo
 idv.failure.exceptions.in_person_outage_error_message.post_cta.body: Mientras tanto, todavía puede iniciar el proceso de verificación en persona en %{app_name} y luego acudir a una oficina de correos. Si necesita acceso urgente a los servicios, contacte directamente con su agencia.
diff --git a/config/locales/fr.yml b/config/locales/fr.yml
index c478301fc28..5597ac0e112 100644
--- a/config/locales/fr.yml
+++ b/config/locales/fr.yml
@@ -556,7 +556,7 @@ doc_auth.errors.phone_step_incomplete: Vous devez aller sur votre téléphone et
 doc_auth.errors.pii.birth_date_min_age: Votre anniversaire ne correspond pas à l’âge minimum requis.
 doc_auth.errors.rate_limited_heading: Nous n’avons pas pu vérifier votre pièce d’identité.
 doc_auth.errors.rate_limited_subheading: Essayez de prendre de nouvelles photos.
-doc_auth.errors.rate_limited_text_html: Pour votre sécurité, nous limitons le nombre de fois où vous pouvez tenter de vérifier un document en ligne. Réessayez dans %{timeout}.
+doc_auth.errors.rate_limited_text_html: Pour éviter la fraude, nous limitons le nombre de fois où vous pouvez tenter de confirmer votre identité en ligne. Réessayez d’ici %{timeout}.
 doc_auth.errors.selfie_fail_heading: Nous n’avons pas pu faire correspondre votre photo à celle figurant sur votre pièce d’identité.
 doc_auth.errors.selfie_not_live_or_poor_quality_heading: Nous n’avons pas pu vérifier votre photo
 doc_auth.errors.send_link_limited: Vous avez essayé trop de fois, veuillez réessayer dans %{timeout}. Vous pouvez également revenir en arrière et choisir d’utiliser votre ordinateur à la place.
@@ -1016,8 +1016,8 @@ idv.errors.incorrect_password: Le mot de passe que vous avez saisi est incorrect
 idv.errors.pattern_mismatch.ssn: Saisissez un numéro de sécurité sociale à neuf chiffres
 idv.errors.pattern_mismatch.zipcode: Saisissez un code postal à 5 ou 9 chiffres
 idv.errors.pattern_mismatch.zipcode_five: Saisissez un code postal à 5 chiffres
-idv.failure.attempts_html.one: Pour des raisons de sécurité, il vous reste une tentative pour ajouter votre pièce d’identité en ligne.
-idv.failure.attempts_html.other: Pour des raisons de sécurité, il vous reste %{count} tentatives pour ajouter votre pièce d’identité en ligne.
+idv.failure.attempts_html.one: Vous avez encore un essai. Vous devrez ensuite attendre 6 heures avant de réessayer.
+idv.failure.attempts_html.other: Vous pouvez encore essayer %{count} fois de plus. Ensuite, vous devrez ensuite attendre 6 heures avant de réessayer.
 idv.failure.button.try_online: Réessayer en ligne
 idv.failure.button.warning: Réessayer
 idv.failure.exceptions.in_person_outage_error_message.post_cta.body: En attendant, vous pouvez toujours commencer la procédure de vérification en personne sur %{app_name} avant de vous rendre dans un bureau de poste. Si vous avez un besoin urgent d’accès aux services, veuillez contacter directement l’organisme concerné.
diff --git a/config/locales/zh.yml b/config/locales/zh.yml
index f29b3e95e17..898e5f9ca1d 100644
--- a/config/locales/zh.yml
+++ b/config/locales/zh.yml
@@ -567,7 +567,7 @@ doc_auth.errors.phone_step_incomplete: 在继续之前你必须使用手机上
 doc_auth.errors.pii.birth_date_min_age: 你的生日不满足最低年龄要求。
 doc_auth.errors.rate_limited_heading: 我们无法验证你的身份证件。
 doc_auth.errors.rate_limited_subheading: 尝试再拍照片
-doc_auth.errors.rate_limited_text_html: 为了你的安全,我们限制你在网上尝试验证文件的次数。 %{timeout} 后再试。
+doc_auth.errors.rate_limited_text_html: 为了防止欺诈,我们限制在网上尝试验证文件的次数。 %{timeout}个小时以后再试。
 doc_auth.errors.selfie_fail_heading: 我们无法把你自己的照片与你的身份证件匹配
 doc_auth.errors.selfie_not_live_or_poor_quality_heading: 我们无法验证你自己的照片
 doc_auth.errors.send_link_limited: 你尝试了太多次。请在 %{timeout}后再试。你也可以返回并选择使用电脑。
@@ -1029,8 +1029,8 @@ idv.errors.incorrect_password: 你输入的密码不对。
 idv.errors.pattern_mismatch.ssn: 输入 9 位数的社会保障号码
 idv.errors.pattern_mismatch.zipcode: 输入 5 或 9 位的邮编
 idv.errors.pattern_mismatch.zipcode_five: 输入 5 位的邮编
-idv.failure.attempts_html.one: 出于安全考虑,你在网上添加身份证件只能再试一次了。
-idv.failure.attempts_html.other: 出于安全考虑,你在网上添加身份证件只能再试%{count} 次了。
+idv.failure.attempts_html.one: 您可以再试1次。 然后您必须等6个小时才能再试。
+idv.failure.attempts_html.other: 您可以再试%{count}次。 然后您必须等6个小时才能再试。
 idv.failure.button.try_online: 在网上再试一下
 idv.failure.button.warning: 再试一下。
 idv.failure.exceptions.in_person_outage_error_message.post_cta.body: 与此同时,你仍然可以在 %{app_name}开始亲身验证身份流程,然后去邮局。如果你迫切需要得到服务,请直接联系该政府机构。
From d86199b41fadf6887f4e715f912368c2827a0aa6 Mon Sep 17 00:00:00 2001
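Review bot: In `doc_auth.errors.rate_limited_text_html` the zh string now reads `%{timeout}个小时以后再试`, which puts an hours unit after the placeholder, whereas the en, es and fr versions in this commit end at `%{timeout}` and the unchanged zh `doc_auth.errors.send_link_limited` three lines below uses `%{timeout}后再试`. If `timeout` arrives as an already formatted duration (the other locales suggest so, but the caller is not in this diff), the lockout message will show the unit twice or label a minutes value as hours. Suggested line: `doc_auth.errors.rate_limited_text_html: 为了防止欺诈,我们限制在网上尝试验证文件的次数。 %{timeout}后再试。`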
From: Malick Diarra Date: Fri, 4 Oct 2024 09:32:30 -0400 Subject: [PATCH 07/11] LG-14396 threat metrix create account device profiling (#11278) * Threat metrix initial page * threat metrix helper * changelog: Upcoming Features, Account creation, Threat metrix addiition * fix up threatmetrix naming * fix true * fix up rubocop * add override for csp for threat metrix * fix linting * update to move threatmetrix to idv * add new line * fix indentationg * make threat metrix profiling into a separate partial * fix styling indentation * Threat metrix helper adjustment * add regtistrations threat metrix spec * fix ssn controller and spec * update to use locals * return empty hash * remove unneeded spec --- .../concerns/idv/threat_metrix_concern.rb | 51 ------------------- .../concerns/threat_metrix_concern.rb | 49 ++++++++++++++++++ app/controllers/idv/in_person_controller.rb | 2 +- .../sign_up/registrations_controller.rb | 20 +++++++- .../idv/steps/threat_metrix_step_helper.rb | 32 +----------- app/services/threat_metrix_helper.rb | 36 +++++++++++++ app/views/idv/shared/ssn.html.erb | 19 +++---- .../shared/_threat_metrix_profiling.html.erb | 19 +++++++ app/views/sign_up/registrations/new.html.erb | 9 ++++ config/application.yml.default | 2 + lib/feature_management.rb | 10 ++++ lib/identity_config.rb | 5 ++ .../{idv => }/threat_metrix_concern_spec.rb | 4 +- 13 files changed, 159 insertions(+), 99 deletions(-) delete mode 100644 app/controllers/concerns/idv/threat_metrix_concern.rb create mode 100644 app/controllers/concerns/threat_metrix_concern.rb create mode 100644 app/services/threat_metrix_helper.rb create mode 100644 app/views/shared/_threat_metrix_profiling.html.erb rename spec/controllers/concerns/{idv => }/threat_metrix_concern_spec.rb (96%) diff --git a/app/controllers/concerns/idv/threat_metrix_concern.rb b/app/controllers/concerns/idv/threat_metrix_concern.rb deleted file mode 100644 index e7780ccf7a4..00000000000 
--- a/app/controllers/concerns/idv/threat_metrix_concern.rb +++ /dev/null @@ -1,51 +0,0 @@ -# frozen_string_literal: true - -module Idv - module ThreatMetrixConcern - THREAT_METRIX_DOMAIN = 'h.online-metrix.net' - THREAT_METRIX_WILDCARD_DOMAIN = '*.online-metrix.net' - - def override_csp_for_threat_metrix - return unless FeatureManagement.proofing_device_profiling_collecting_enabled? - - threat_metrix_csp_overrides - end - - def threat_metrix_csp_overrides - policy = current_content_security_policy - - # ThreatMetrix requires additional Content Security Policy (CSP) - # directives to be added to the response to enable its JS to run - # in the browser. - - # `script-src` must be updated to enable: - # - The domain hosting ThreatMetrix JS (so it can be included on the page) - # - `unsafe-eval`, since the ThreatMetrix JS uses eval() internally. - policy.script_src(*policy.script_src.to_set.merge([THREAT_METRIX_DOMAIN, :unsafe_eval])) - - # `style-src` must be updated to enable: - # - `unsafe-inline`, since the ThreatMetrix library applies inline - # styles to elements it inserts into the DOM - request.content_security_policy_nonce_directives = - request.content_security_policy_nonce_directives.without('style-src') - policy.style_src(*(policy.style_src.to_set << :unsafe_inline)) - - # `img-src` must be updated to enable: - # - A wildcard domain, since the JS loads images from different - # subdomains of the main ThreatMetrix domain. - policy.img_src(*(policy.img_src.to_set << THREAT_METRIX_WILDCARD_DOMAIN)) - - # `connect-src` must be updated to enable: - # - The domain hosting ThreatMetrix JS, since ThreatMetrix makes XHR - # requests to this domain. - policy.connect_src(*(policy.connect_src.to_set << THREAT_METRIX_DOMAIN)) - - # `child-src` must be updated to enable: - # - The domain hosting ThreatMetrix JS, which used to load a fallback - # `