diff --git a/app/Resources/translations/messages.en_GB.xliff b/app/Resources/translations/messages.en_GB.xliff index 2eb4425b..81a875dc 100644 --- a/app/Resources/translations/messages.en_GB.xliff +++ b/app/Resources/translations/messages.en_GB.xliff @@ -1,6 +1,6 @@ - +
The source node in most cases contains the sample message as written by the developer. If it looks like a dot-delimitted string such as "form.label.firstname", then the developer has not provided a default message. 
@@ -33,72 +33,72 @@ Nederlands - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.auditlog.action.accredited_as_ra Accredited as RA - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.auditlog.action.accredited_as_raa Accredited as RAA - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.auditlog.action.appointed_as_ra Appointed as RA - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.auditlog.action.appointed_as_raa Appointed as RAA - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.auditlog.action.bootstrapped Identity and Token bootstrapped - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.auditlog.action.created Identity Created - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.auditlog.action.email_changed E-mail changed - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.auditlog.action.email_verified E-mail verified - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.auditlog.action.possession_proven Token possession proven - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.auditlog.action.renamed Name changed - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.auditlog.action.retracted_as_ra Removed as RA(A) - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.auditlog.action.revoked Token revoked - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.auditlog.action.revoked_by_ra Token revoked by RA - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.auditlog.action.vetted Token vetted 
@@ -158,8 +158,8 @@ RA location successfully created - views/Exception/error.html.twig views/Exception/error404.html.twig + views/Exception/error.html.twig ra.error.button.go_home Back to Home @@ -254,8 +254,8 @@ Please report this error + error code to the helpdesk via support@surfconext.nl - views/Exception/error.html.twig views/Exception/error404.html.twig + views/Exception/error.html.twig ra.error.text.your_art_code The error code is: @@ -285,12 +285,12 @@ Due to an unknown reason, switching locales failed. - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.form.extension.ra_role_choice.ra RA - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.form.extension.ra_role_choice.raa RAA @@ -330,8 +330,8 @@ E-mail - Form/Type/ChangeRaLocationType.php Form/Type/SearchRaCandidatesType.php + Form/Type/ChangeRaLocationType.php ra.form.ra_search_ra_candidates.label.name Name @@ -476,7 +476,7 @@ Verify identity - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.management.amend_ra_info.error.middleware_command_failed The amendment of the RA's information failed due to a server error. @@ -564,7 +564,7 @@ The Registration Authority has been granted the selected role - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.management.create_ra.error.middleware_command_failed The identity could not be granted the chosen role due to a server error. @@ -714,8 +714,8 @@ Change Role - views/RaManagement/manage.html.twig views/Vetting/verifyIdentity.html.twig + views/RaManagement/manage.html.twig ra.management.overview.common_name Name 
@@ -740,17 +740,17 @@ Role - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.management.overview.role.value.ra RA - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.management.overview.role.value.raa RAA - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.management.overview.role.value.sraa SRAA @@ -1127,7 +1127,7 @@ Identity verification failed - RaBundle/Controller/VettingController.php + RaBundle/Controller/VettingController.php Resources/views/translations.html.twig ra.verify_identity.registration_code_expired The activation code has expired. First, delete the current token registration of the user (by RA or user). The user then starts a new registration on %self_service_url% and will receive a new activation code that is valid for 14 days. 
@@ -1151,59 +1151,19 @@ Form/Type/VerifyIdentityType.php Form/Type/VerifyPhoneNumberType.php Vetting/partial/cancelVettingProcedure.html.twig + views/Vetting/verifyIdentity.html.twig Vetting/Sms/provePossession.html.twig Vetting/Sms/sendChallenge.html.twig - views/Vetting/verifyIdentity.html.twig ra.vetting.button.cancel_procedure Cancel + RaBundle/Controller/VettingController.php + RaBundle/Controller/VettingController.php Controller/Vetting/SmsController.php - RaBundle/Controller/VettingController.php - RaBundle/Controller/VettingController.php ra.vetting.flash.cancelled The vetting procedure was cancelled. - - Resources/views/translations.html.twig - ra.vetting.gssf.initiate.biometric.button.initiate - Verify biometrics - - - Resources/views/translations.html.twig - ra.vetting.gssf.initiate.biometric.error.gssf_id_mismatch - The biometric device returned a different ID than was registered in the Self-Service application. - - - Resources/views/translations.html.twig - ra.vetting.gssf.initiate.biometric.text.explanation - Click the button below to verify the registrant biometrically. - - - Resources/views/translations.html.twig - ra.vetting.gssf.initiate.biometric.title.page - Verify biometrics - - - Resources/views/translations.html.twig - ra.vetting.gssf.initiate.tiqr.button.initiate - Verify with Tiqr - - - Resources/views/translations.html.twig - ra.vetting.gssf.initiate.tiqr.error.gssf_id_mismatch - The Tiqr server responded with an ID that doesn't match the requested ID the registrant registered with using the Self-Service application. - - - Resources/views/translations.html.twig - ra.vetting.gssf.initiate.tiqr.text.explanation - Click the button below to verify the registrant owns the Tiqr account he or she registered with in the Self-Service application. - - - Resources/views/translations.html.twig - ra.vetting.gssf.initiate.tiqr.title.page - Verify with Tiqr - Vetting/partial/progressBar.html.twig ra.vetting.progress_bar.enter_registration_code 
@@ -1250,7 +1210,7 @@ Token type disabled - RaBundle/Service/VettingService.php + RaBundle/Service/VettingService.php ra.vetting.sms.challenge_body Your code: %challenge% @@ -1300,12 +1260,12 @@ Home - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.vetting.u2f.alert.device_reported_an_error The U2F device reported an error. Try again or visit your IT helpdesk. - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.vetting.u2f.alert.error The authentication using the U2F device failed. Try again or visit your IT helpdesk. diff --git a/app/Resources/translations/messages.nl_NL.xliff b/app/Resources/translations/messages.nl_NL.xliff index 5987368a..0564dc2a 100644 --- a/app/Resources/translations/messages.nl_NL.xliff +++ b/app/Resources/translations/messages.nl_NL.xliff @@ -1,6 +1,6 @@ - +
The source node in most cases contains the sample message as written by the developer. If it looks like a dot-delimitted string such as "form.label.firstname", then the developer has not provided a default message. 
@@ -33,72 +33,72 @@ Nederlands - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.auditlog.action.accredited_as_ra Geaccrediteerd als RA - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.auditlog.action.accredited_as_raa Geaccrediteerd als RAA - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.auditlog.action.appointed_as_ra RA rol toegewezen gekregen - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.auditlog.action.appointed_as_raa RAA rol toegewezen gekregen - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.auditlog.action.bootstrapped Identiteit en Token gebootstrapped - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.auditlog.action.created Identiteit aangemaakt - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.auditlog.action.email_changed E-mail gewijzigd - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.auditlog.action.email_verified E-mail geverifieerd - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.auditlog.action.possession_proven Bezit aangetoond - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.auditlog.action.renamed Naam gewijzigd - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.auditlog.action.retracted_as_ra Verwijderd als RA(A) - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.auditlog.action.revoked Token verwijderd - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.auditlog.action.revoked_by_ra Token verwijderd door RA - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.auditlog.action.vetted Token gevet 
@@ -158,8 +158,8 @@ RA-locatie succesvol aangemaakt - views/Exception/error.html.twig views/Exception/error404.html.twig + views/Exception/error.html.twig ra.error.button.go_home Terug naar Home @@ -254,8 +254,8 @@ Meld deze error code aan de helpdesk via support@surfconext.nl - views/Exception/error.html.twig views/Exception/error404.html.twig + views/Exception/error.html.twig ra.error.text.your_art_code De fout code is: @@ -285,12 +285,12 @@ Het wisselen van taal is mislukt wegens een onbekende reden. - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.form.extension.ra_role_choice.ra RA - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.form.extension.ra_role_choice.raa RAA @@ -330,8 +330,8 @@ E-mail - Form/Type/ChangeRaLocationType.php Form/Type/SearchRaCandidatesType.php + Form/Type/ChangeRaLocationType.php ra.form.ra_search_ra_candidates.label.name Naam @@ -476,7 +476,7 @@ Verifieer identiteit - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.management.amend_ra_info.error.middleware_command_failed Het wijzigen van de gegevens van de RA is mislukt vanwege een serverfout. @@ -564,7 +564,7 @@ De Registratie Authoriteit heeft de gekozen rol toegewezen gekregen - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.management.create_ra.error.middleware_command_failed De gekozen rol kon niet aan de identiteit toegekend worden vanwege een serverfout. @@ -714,8 +714,8 @@ Verander Rol - views/RaManagement/manage.html.twig views/Vetting/verifyIdentity.html.twig + views/RaManagement/manage.html.twig ra.management.overview.common_name Naam 
@@ -740,17 +740,17 @@ Rol - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.management.overview.role.value.ra RA - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.management.overview.role.value.raa RAA - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.management.overview.role.value.sraa SRAA @@ -1127,7 +1127,7 @@ De verificatie van de identiteit is mislukt - RaBundle/Controller/VettingController.php + RaBundle/Controller/VettingController.php Resources/views/translations.html.twig ra.verify_identity.registration_code_expired De activatie code is verlopen. Verwijder eerst de huidige token registratie (door RA of gebruiker). De gebruiker start vervolgens een nieuwe registratie via %self_service_url% en ontvangt een nieuwe activatiecode die weer 14 dagen geldig blijft. 
@@ -1151,59 +1151,19 @@ Form/Type/VerifyIdentityType.php Form/Type/VerifyPhoneNumberType.php Vetting/partial/cancelVettingProcedure.html.twig + views/Vetting/verifyIdentity.html.twig Vetting/Sms/provePossession.html.twig Vetting/Sms/sendChallenge.html.twig - views/Vetting/verifyIdentity.html.twig ra.vetting.button.cancel_procedure Annuleren + RaBundle/Controller/VettingController.php + RaBundle/Controller/VettingController.php Controller/Vetting/SmsController.php - RaBundle/Controller/VettingController.php - RaBundle/Controller/VettingController.php ra.vetting.flash.cancelled De activatieprocedure is afgebroken. - - Resources/views/translations.html.twig - ra.vetting.gssf.initiate.biometric.button.initiate - Biometrie verifiëren - - - Resources/views/translations.html.twig - ra.vetting.gssf.initiate.biometric.error.gssf_id_mismatch - Het biometrisch apparaat heeft een ID teruggegeven dat niet overeenkomt met het gevraagde ID, dat de registrant heeft geregistreerd in de Self-Service-applicatie. - - - Resources/views/translations.html.twig - ra.vetting.gssf.initiate.biometric.text.explanation - Klik de knop hieronder om de registrant biometrisch te verifiëren. - - - Resources/views/translations.html.twig - ra.vetting.gssf.initiate.biometric.title.page - Biometrie verifiëren - - - Resources/views/translations.html.twig - ra.vetting.gssf.initiate.tiqr.button.initiate - Verifiëren bij Tiqr - - - Resources/views/translations.html.twig - ra.vetting.gssf.initiate.tiqr.error.gssf_id_mismatch - De Tiqr-server heeft een ID teruggegeven dat niet overeenkomt met het gevraagde ID, dat de registrant heeft geregistreerd in de Self-Service-applicatie. - - - Resources/views/translations.html.twig - ra.vetting.gssf.initiate.tiqr.text.explanation - Klik de knop hieronder om te verifiëren dat de registrant het Tiqr-account bezit dat hij of zij gebruikt heeft in de Self-Service-applicatie. 
- - - Resources/views/translations.html.twig - ra.vetting.gssf.initiate.tiqr.title.page - Tiqr verifiëren - Vetting/partial/progressBar.html.twig ra.vetting.progress_bar.enter_registration_code @@ -1250,7 +1210,7 @@ Tokentype uitgeschakeld - RaBundle/Service/VettingService.php + RaBundle/Service/VettingService.php ra.vetting.sms.challenge_body Uw SMS-code: %challenge% @@ -1300,12 +1260,12 @@ Home - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.vetting.u2f.alert.device_reported_an_error Het U2F-apparaat heeft een foutmelding gerapporteerd. Probeer het opnieuw of neem contact op met de IT-helpdesk. - Resources/views/translations.html.twig + Resources/views/translations.html.twig ra.vetting.u2f.alert.error De authenticate met het U2F-apparaat is mislukt. Probeer het opnieuw of neem contact op met de IT-helpdesk. diff --git a/app/Resources/translations/validators.en_GB.xliff b/app/Resources/translations/validators.en_GB.xliff index c34632c9..283c1a23 100644 --- a/app/Resources/translations/validators.en_GB.xliff +++ b/app/Resources/translations/validators.en_GB.xliff @@ -1,11 +1,15 @@ - +
The source node in most cases contains the sample message as written by the developer. If it looks like a dot-delimitted string such as "form.label.firstname", then the developer has not provided a default message.
+ + middleware_client.dto.configuration.allowed_second_factors.must_be_array + middleware_client.dto.configuration.allowed_second_factors.must_be_array + middleware_client.dto.configuration.show_raa_contact_information.must_be_boolean Show RAA Contact Information option must be boolean. diff --git a/app/Resources/translations/validators.nl_NL.xliff b/app/Resources/translations/validators.nl_NL.xliff index c079e317..3ed6db7d 100644 --- a/app/Resources/translations/validators.nl_NL.xliff +++ b/app/Resources/translations/validators.nl_NL.xliff @@ -1,11 +1,15 @@ - +
The source node in most cases contains the sample message as written by the developer. If it looks like a dot-delimitted string such as "form.label.firstname", then the developer has not provided a default message.
+ + middleware_client.dto.configuration.allowed_second_factors.must_be_array + middleware_client.dto.configuration.allowed_second_factors.must_be_array + middleware_client.dto.configuration.show_raa_contact_information.must_be_boolean Show RAA Contact Information option must be boolean. diff --git a/app/config/config.yml b/app/config/config.yml index 5a727b5d..722c5b87 100644 --- a/app/config/config.yml +++ b/app/config/config.yml @@ -76,6 +76,7 @@ services: surfnet_stepup_ra_ra: required_loa: %loa_required_for_login% enabled_second_factors: %enabled_second_factors% + enabled_generic_second_factors: %enabled_generic_second_factors% session_lifetimes: max_absolute_lifetime: "%session_max_absolute_lifetime%" max_relative_lifetime: "%session_max_relative_lifetime%" diff --git a/app/config/parameters.yml.dist b/app/config/parameters.yml.dist index c5e8ab42..d78d7e67 100644 --- a/app/config/parameters.yml.dist +++ b/app/config/parameters.yml.dist @@ -39,6 +39,11 @@ parameters: enabled_second_factors: - sms - yubikey + enabled_generic_second_factors: + biometric: + loa: 3 + tiqr: + loa: 3 graylog_hostname: 'g2-dev.stepup.coin.surf.net' asset_version: 1 diff --git a/app/config/samlstepupproviders.yml b/app/config/samlstepupproviders.yml index 9babdc07..615857dc 100644 --- a/app/config/samlstepupproviders.yml +++ b/app/config/samlstepupproviders.yml @@ -18,6 +18,11 @@ surfnet_stepup_ra_saml_stepup_provider: entity_id: %gssp_tiqr_remote_entity_id% sso_url: %gssp_tiqr_remote_sso_url% certificate: %gssp_tiqr_remote_certificate% + view_config: + page_title: %gssp_tiqr_page_title% + explanation: %gssp_tiqr_explanation% + initiate: %gssp_tiqr_initiate% + gssf_id_mismatch: %gssp_tiqr_gssf_id_mismatch% biometric: hosted: service_provider: 
@@ -30,3 +35,8 @@ surfnet_stepup_ra_saml_stepup_provider: entity_id: %gssp_biometric_remote_entity_id% sso_url: %gssp_biometric_remote_sso_url% certificate: %gssp_biometric_remote_certificate% + view_config: + page_title: %gssp_biometric_page_title% + explanation: %gssp_biometric_explanation% + initiate: %gssp_biometric_initiate% + gssf_id_mismatch: %gssp_biometric_gssf_id_mismatch% \ No newline at end of file diff --git a/app/config/samlstepupproviders_parameters.yml.dist b/app/config/samlstepupproviders_parameters.yml.dist index d04af2ff..bcddceb2 100644 --- a/app/config/samlstepupproviders_parameters.yml.dist +++ b/app/config/samlstepupproviders_parameters.yml.dist @@ -6,6 +6,18 @@ parameters: gssp_tiqr_remote_entity_id: 'https://actual-gssp.entity-id.tld' gssp_tiqr_remote_sso_url: 'https://actual-gssp.entity-id.tld/single-sign-on/url' gssp_tiqr_remote_certificate: 'The contents of the certificate published by the gssp' + gssp_tiqr_page_title: + en_GB: 'EN ra.vetting.gssf.initiate.tiqr.title.page' + nl_NL: 'NL ra.vetting.gssf.initiate.tiqr.title.page' + gssp_tiqr_explanation: + en_GB: 'EN ra.vetting.gssf.initiate.tiqr.text.explanation' + nl_NL: 'NL ra.vetting.gssf.initiate.tiqr.text.explanation' + gssp_tiqr_initiate: + en_GB: 'EN ra.vetting.gssf.initiate.tiqr.button.initiate' + nl_NL: 'NL ra.vetting.gssf.initiate.tiqr.button.initiate' + gssp_tiqr_gssf_id_mismatch: + en_GB: 'EN ra.vetting.gssf.initiate.tiqr.error.gssf_id_mismatch' + nl_NL: 'NL ra.vetting.gssf.initiate.tiqr.error.gssf_id_mismatch' gssp_biometric_sp_publickey: '/full/path/to/the/gateway-as-sp/public-key-file.cer' gssp_biometric_sp_privatekey: '/full/path/to/the/gateway-as-sp/private-key-file.pem' gssp_biometric_metadata_publickey: '/full/path/to/the/gateway-metadata/public-key-file.cer' 
@@ -13,3 +25,15 @@ parameters: gssp_biometric_remote_entity_id: 'https://actual-gssp.entity-id.tld' gssp_biometric_remote_sso_url: 'https://actual-gssp.entity-id.tld/single-sign-on/url' gssp_biometric_remote_certificate: 'The contents of the certificate published by the gssp' + gssp_biometric_page_title: + en_GB: 'EN ra.vetting.gssf.initiate.biometric.title.page' + nl_NL: 'NL ra.vetting.gssf.initiate.biometric.title.page' + gssp_biometric_explanation: + en_GB: 'EN ra.vetting.gssf.initiate.biometric.text.explanation' + nl_NL: 'NL ra.vetting.gssf.initiate.biometric.text.explanation' + gssp_biometric_initiate: + en_GB: 'EN ra.vetting.gssf.initiate.biometric.button.initiate' + nl_NL: 'NL ra.vetting.gssf.initiate.biometric.button.initiate' + gssp_biometric_gssf_id_mismatch: + en_GB: 'EN ra.vetting.gssf.initiate.biometric.error.gssf_id_mismatch' + nl_NL: 'NL ra.vetting.gssf.initiate.biometric.error.gssf_id_mismatch' \ No newline at end of file diff --git a/composer.json b/composer.json index 730969b5..1d5af0fa 100644 --- a/composer.json +++ b/composer.json @@ -25,7 +25,7 @@ "jms/di-extra-bundle": "~1.4.0", "surfnet/stepup-middleware-client-bundle": "^2.0", "surfnet/stepup-saml-bundle": "^2.5", - "surfnet/stepup-bundle": "^1.7", + "surfnet/stepup-bundle": "^2.0", "surfnet/stepup-u2f-bundle": "dev-develop", "guzzlehttp/guzzle": "^6", "knplabs/knp-paginator-bundle": "~2.4", diff --git a/composer.lock b/composer.lock index a78eb691..963c5264 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "This file is @generated automatically" ], - "content-hash": "3aa6c3ba125a0d8d07cf999fecd8b157", + "content-hash": "a58e344cdaaa088e470fbaae634e9ed7", "packages": [ { "name": "beberlei/assert", 
@@ -2092,16 +2092,16 @@ }, { "name": "surfnet/stepup-bundle", - "version": "1.7.0", + "version": "2.0.1", "source": { "type": "git", "url": "https://github.com/OpenConext/Stepup-bundle.git", - "reference": "084b1e11781ca3f526e32a486f75a7e6a953e5fc" + "reference": "0766c91a6b391739d9fe4693f684ef1332342df4" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/OpenConext/Stepup-bundle/zipball/084b1e11781ca3f526e32a486f75a7e6a953e5fc", - "reference": "084b1e11781ca3f526e32a486f75a7e6a953e5fc", + "url": "https://api.github.com/repos/OpenConext/Stepup-bundle/zipball/0766c91a6b391739d9fe4693f684ef1332342df4", + "reference": "0766c91a6b391739d9fe4693f684ef1332342df4", "shasum": "" }, "require": { @@ -2145,7 +2145,7 @@ "suaas", "surfnet" ], - "time": "2017-03-07T13:44:04+00:00" + "time": "2017-06-14T13:03:51+00:00" }, { "name": "surfnet/stepup-middleware-client-bundle", @@ -3121,12 +3121,12 @@ "version": "0.9.5", "source": { "type": "git", - "url": "https://github.com/padraic/mockery.git", + "url": "https://github.com/mockery/mockery.git", "reference": "4db079511a283e5aba1b3c2fb19037c645e70fc2" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/padraic/mockery/zipball/4db079511a283e5aba1b3c2fb19037c645e70fc2", + "url": "https://api.github.com/repos/mockery/mockery/zipball/4db079511a283e5aba1b3c2fb19037c645e70fc2", "reference": "4db079511a283e5aba1b3c2fb19037c645e70fc2", "shasum": "" }, diff --git a/src/Surfnet/StepupRa/RaBundle/Controller/Vetting/GssfController.php b/src/Surfnet/StepupRa/RaBundle/Controller/Vetting/GssfController.php index 37b344e5..c3203f69 100644 --- a/src/Surfnet/StepupRa/RaBundle/Controller/Vetting/GssfController.php +++ b/src/Surfnet/StepupRa/RaBundle/Controller/Vetting/GssfController.php 
@@ -25,6 +25,7 @@ use Surfnet\SamlBundle\SAML2\Response\Assertion\InResponseTo; use Surfnet\StepupRa\RaBundle\Exception\RuntimeException; use Surfnet\StepupRa\RaBundle\Service\VettingService; +use Surfnet\StepupRa\SamlStepupProviderBundle\Provider\ViewConfig; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpKernel\Exception\BadRequestHttpException; @@ -253,11 +254,28 @@ private function getVettingService() */ private function renderInitiateForm($procedureId, $provider, array $parameters = []) { - $form = $this->createForm('ra_initiate_gssf', null, ['procedureId' => $procedureId, 'provider' => $provider]); + /** @var ViewConfig $secondFactorConfig */ + $secondFactorConfig = $this->get("gssp.view_config.{$provider}"); + + $form = $this->createForm( + 'ra_initiate_gssf', + null, + [ + 'procedureId' => $procedureId, + 'provider' => $provider, + /** @Ignore from translation message extraction */ + 'label' => $secondFactorConfig->getInitiate() + ] + ); $templateParameters = array_merge( $parameters, - ['form' => $form->createView(), 'procedureId' => $procedureId, 'provider' => $provider] + [ + 'form' => $form->createView(), + 'procedureId' => $procedureId, + 'provider' => $provider, + 'secondFactorConfig' => $secondFactorConfig + ] ); return $this->render('SurfnetStepupRaRaBundle:Vetting/Gssf:initiate.html.twig', $templateParameters); diff --git a/src/Surfnet/StepupRa/RaBundle/DependencyInjection/Configuration.php b/src/Surfnet/StepupRa/RaBundle/DependencyInjection/Configuration.php index c628e896..e4fdf999 100644 --- a/src/Surfnet/StepupRa/RaBundle/DependencyInjection/Configuration.php +++ b/src/Surfnet/StepupRa/RaBundle/DependencyInjection/Configuration.php 
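Review bot: In `GssfController::renderInitiateForm`, the lookup `$this->get("gssp.view_config.{$provider}")` interpolates `$provider` into a service id, and nothing in this hunk shows that the value has already been matched against the configured providers. The method's callers are outside the hunk, so confirm that each one resolves the provider before calling; otherwise an unknown name presumably surfaces as a container exception and a 500 instead of a 404. I would state the precondition in the method docblock and above the lookup, e.g. `// $provider must already be validated against the configured GSSPs: it becomes part of a service id`.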
@@ -18,9 +18,6 @@ namespace Surfnet\StepupRa\RaBundle\DependencyInjection; -use Surfnet\StepupBundle\Exception\DomainException; -use Surfnet\StepupBundle\Exception\InvalidArgumentException; -use Surfnet\StepupBundle\Value\SecondFactorType; use Symfony\Component\Config\Definition\Builder\NodeBuilder; use Symfony\Component\Config\Definition\Builder\TreeBuilder; use Symfony\Component\Config\Definition\ConfigurationInterface; @@ -68,25 +65,17 @@ private function appendSecondFactorTypesConfiguration(NodeBuilder $childNodes) ->arrayNode('enabled_second_factors') ->isRequired() ->prototype('scalar') - ->validate() - ->ifTrue( - function ($type) { - try { - new SecondFactorType($type); - } catch (InvalidArgumentException $e) { - return true; - } catch (DomainException $e) { - return true; - } - } - ) - ->thenInvalid( - 'Enabled second factor type "%s" is not one of the valid types. See SecondFactorType' - ) - ->end() + ->end(); + $childNodes + ->arrayNode('enabled_generic_second_factors') + ->isRequired() + ->prototype('array') + ->children() + ->scalarNode('loa') + ->isRequired() + ->info('The lao level of the Gssf') ->end() - ->end() - ->end(); + ->end(); } /** diff --git a/src/Surfnet/StepupRa/RaBundle/DependencyInjection/SurfnetStepupRaRaExtension.php b/src/Surfnet/StepupRa/RaBundle/DependencyInjection/SurfnetStepupRaRaExtension.php index eea12e6a..5a8c8792 100644 --- a/src/Surfnet/StepupRa/RaBundle/DependencyInjection/SurfnetStepupRaRaExtension.php +++ b/src/Surfnet/StepupRa/RaBundle/DependencyInjection/SurfnetStepupRaRaExtension.php 
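Review bot: In `RaBundle/DependencyInjection/Configuration.php`, the new `loa` node under `enabled_generic_second_factors` is a required `scalarNode` with no type or range check, so a value such as `loa: high` or `loa: 30` passes configuration validation. The same hunk removes the `SecondFactorType` check on `enabled_second_factors`, and its test `it_rejects_invalid_second_factor_types` is deleted in ConfigurationTest.php, so a mistyped entry in either list is no longer rejected when the container is built. Since this value expresses an assurance level, I would declare it as `->integerNode('loa')->isRequired()` with `min()`/`max()` bounds matching the levels `Loa` defines, and add a test for the new node. The info string also has a typo: `'The lao level of the Gssf'` should read `'The LoA level of the GSSF'`.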
@@ -40,7 +40,11 @@ public function load(array $configs, ContainerBuilder $container) // inject the required loa as parameter into the service container $container->setParameter('surfnet_stepup_ra.security.required_loa', $config['required_loa']); - $container->setParameter('surfnet_stepup_ra.enabled_second_factors', $config['enabled_second_factors']); + $gssfSecondFactors = array_keys($config['enabled_generic_second_factors']); + $container->setParameter( + 'surfnet_stepup_ra.enabled_second_factors', + array_merge($config['enabled_second_factors'], $gssfSecondFactors) + ); $container->setParameter( 'ra.security.authentication.session.maximum_absolute_lifetime_in_seconds', diff --git a/src/Surfnet/StepupRa/RaBundle/Form/Type/InitiateGssfType.php b/src/Surfnet/StepupRa/RaBundle/Form/Type/InitiateGssfType.php index b4e915e4..41b552f3 100644 --- a/src/Surfnet/StepupRa/RaBundle/Form/Type/InitiateGssfType.php +++ b/src/Surfnet/StepupRa/RaBundle/Form/Type/InitiateGssfType.php @@ -45,7 +45,8 @@ public function buildForm(FormBuilderInterface $builder, array $options) $builder ->add('submit', 'submit', [ 'attr' => ['class' => 'btn btn-primary'], - 'label' => /** @Ignore */ 'ra.vetting.gssf.initiate.' . $options['provider'] . '.button.initiate' + /** @Ignore */ + 'label' => $options['label'] ]) ->setAction($action); } diff --git a/src/Surfnet/StepupRa/RaBundle/Resources/config/services.yml b/src/Surfnet/StepupRa/RaBundle/Resources/config/services.yml index 76f3da7c..fe48a51d 100644 --- a/src/Surfnet/StepupRa/RaBundle/Resources/config/services.yml +++ b/src/Surfnet/StepupRa/RaBundle/Resources/config/services.yml @@ -100,6 +100,7 @@ services: - "@ra.repository.vetting_procedure" - "@translator" - "@ra.service.identity" + - "@surfnet_stepup.service.second_factor_type" ra.service.yubikey: public: false 
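Review bot: In `SurfnetStepupRaRaExtension::load()`, only `array_keys($config['enabled_generic_second_factors'])` is used, so the required `loa` of each generic second factor is validated and then dropped by this bundle. Nothing in the visible changes reads it. If `surfnet_stepup.service.second_factor_type` takes its levels from a separate stepup-bundle configuration, the two settings can drift apart while the one under `surfnet_stepup_ra_ra` looks authoritative. Either expose the map as a container parameter or say so above the call, e.g. `// loa is not consumed here; confirm where SecondFactorTypeService gets the level for these types`. `array_merge` also keeps duplicates when a type is listed in both sections; wrapping it in `array_values(array_unique(...))` would avoid that.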
@@ -185,6 +186,7 @@ services: - "@surfnet_stepup_middleware_client.identity.service.ra_candidate" - "@ra.service.command" - "@logger" + - "@surfnet_stepup.service.second_factor_type" ra.service.ra_location: class: Surfnet\StepupRa\RaBundle\Service\RaLocationService diff --git a/src/Surfnet/StepupRa/RaBundle/Resources/views/Vetting/Gssf/initiate.html.twig b/src/Surfnet/StepupRa/RaBundle/Resources/views/Vetting/Gssf/initiate.html.twig index df917c8e..c80b767b 100644 --- a/src/Surfnet/StepupRa/RaBundle/Resources/views/Vetting/Gssf/initiate.html.twig +++ b/src/Surfnet/StepupRa/RaBundle/Resources/views/Vetting/Gssf/initiate.html.twig @@ -1,6 +1,6 @@ {% extends "::base.html.twig" %} -{% block page_title %}{{ ('ra.vetting.gssf.initiate.' ~ provider ~ '.title.page')|trans }}{% endblock %} +{% block page_title %}{{ secondFactorConfig.getPageTitle() }}{% endblock %} {% block page_header %} {{ parent() }} @@ -11,12 +11,12 @@ {% block content %}

{{ block('page_title') }}

-

{{ ('ra.vetting.gssf.initiate.' ~ provider ~ '.text.explanation')|trans }}

+

{{ secondFactorConfig.getExplanation() }}


{% if gssfIdMismatch is defined %} -
{{ ('ra.vetting.gssf.initiate.' ~ provider ~ '.error.gssf_id_mismatch')|trans }}
+
{{ secondFactorConfig.getGssfIdMismatch() }}
{% endif %} {{ form(form) }} diff --git a/src/Surfnet/StepupRa/RaBundle/Resources/views/translations.html.twig b/src/Surfnet/StepupRa/RaBundle/Resources/views/translations.html.twig index 1d1b0a49..6191101c 100644 --- a/src/Surfnet/StepupRa/RaBundle/Resources/views/translations.html.twig +++ b/src/Surfnet/StepupRa/RaBundle/Resources/views/translations.html.twig @@ -36,16 +36,6 @@ {{ 'ra.second_factor.search.status.vetted'|trans }} {{ 'ra.second_factor.search.status.revoked'|trans }} -{# GssfController #} -{{ ('ra.vetting.gssf.initiate.tiqr.title.page')|trans }} -{{ ('ra.vetting.gssf.initiate.tiqr.text.explanation')|trans }} -{{ ('ra.vetting.gssf.initiate.tiqr.button.initiate')|trans }} -{{ ('ra.vetting.gssf.initiate.tiqr.error.gssf_id_mismatch')|trans }} -{{ ('ra.vetting.gssf.initiate.biometric.title.page')|trans }} -{{ ('ra.vetting.gssf.initiate.biometric.text.explanation')|trans }} -{{ ('ra.vetting.gssf.initiate.biometric.button.initiate')|trans }} -{{ ('ra.vetting.gssf.initiate.biometric.error.gssf_id_mismatch')|trans }} - {# RaRoleChoiceList labels #} {{ ('ra.form.extension.ra_role_choice.ra'|trans) }} {{ ('ra.form.extension.ra_role_choice.raa'|trans) }} diff --git a/src/Surfnet/StepupRa/RaBundle/Service/RaCandidateService.php b/src/Surfnet/StepupRa/RaBundle/Service/RaCandidateService.php index 70f90ac5..41a59369 100644 --- a/src/Surfnet/StepupRa/RaBundle/Service/RaCandidateService.php +++ b/src/Surfnet/StepupRa/RaBundle/Service/RaCandidateService.php @@ -19,6 +19,7 @@ namespace Surfnet\StepupRa\RaBundle\Service; use Psr\Log\LoggerInterface; +use Surfnet\StepupBundle\Service\SecondFactorTypeService; use Surfnet\StepupBundle\Value\Loa; use Surfnet\StepupBundle\Value\SecondFactorType; use Surfnet\StepupMiddlewareClient\Identity\Dto\RaCandidateSearchQuery; 
@@ -28,6 +29,9 @@ use Surfnet\StepupRa\RaBundle\Command\SearchRaCandidatesCommand; use Surfnet\StepupRa\RaBundle\Exception\InvalidArgumentException; +/** + * @SuppressWarnings(PHPMD.CouplingBetweenObjects) + */ class RaCandidateService { /** @@ -45,14 +49,21 @@ class RaCandidateService */ private $logger; + /** + * @var SecondFactorTypeService + */ + private $secondFactorTypeService; + public function __construct( ApiRaCandidateService $raCandidateService, CommandService $commandService, - LoggerInterface $logger + LoggerInterface $logger, + SecondFactorTypeService $secondFactorTypeService ) { $this->apiRaCandidateService = $raCandidateService; $this->commandService = $commandService; $this->logger = $logger; + $this->secondFactorTypeService = $secondFactorTypeService; } /** @@ -129,13 +140,11 @@ public function accreditCandidate(AccreditCandidateCommand $command) private function getLoa3SecondFactorTypes() { $loa3 = new Loa(Loa::LOA_3, 'LOA3'); - return array_filter( - SecondFactorType::getAvailableSecondFactorTypes(), + $this->secondFactorTypeService->getAvailableSecondFactorTypes(), function ($secondFactorType) use ($loa3) { $secondFactorType = new SecondFactorType($secondFactorType); - - return $secondFactorType->canSatisfy($loa3); + return $this->secondFactorTypeService->canSatisfy($secondFactorType, $loa3); } ); } diff --git a/src/Surfnet/StepupRa/RaBundle/Service/VettingService.php b/src/Surfnet/StepupRa/RaBundle/Service/VettingService.php index e0848130..6c57f203 100644 --- a/src/Surfnet/StepupRa/RaBundle/Service/VettingService.php +++ b/src/Surfnet/StepupRa/RaBundle/Service/VettingService.php 
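Review bot: In `RaCandidateService::getLoa3SecondFactorTypes`, the closure overwrites its own `$secondFactorType` parameter with a `SecondFactorType` object, which makes the string-in, object-out step easy to misread. A single expression is clearer: `return $this->secondFactorTypeService->canSatisfy(new SecondFactorType($secondFactorType), $loa3);`. The list of types that qualify an identity as an RA candidate now comes from `SecondFactorTypeService` instead of the static `SecondFactorType::getAvailableSecondFactorTypes()`. The method docblock (outside this hunk) should say that the result depends on which second factor types the service reports as available.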
@@ -21,6 +21,7 @@ use RuntimeException; use Surfnet\StepupBundle\Command\SendSmsChallengeCommand; use Surfnet\StepupBundle\Command\VerifyPossessionOfPhoneCommand; +use Surfnet\StepupBundle\Service\SecondFactorTypeService; use Surfnet\StepupBundle\Service\SmsSecondFactor\OtpVerification; use Surfnet\StepupBundle\Service\SmsSecondFactorService; use Surfnet\StepupBundle\Value\PhoneNumber\InternationalPhoneNumber; @@ -93,6 +94,11 @@ class VettingService */ private $identityService; + /** + * @var \Surfnet\StepupBundle\Service\SecondFactorTypeService + */ + private $secondFactorTypeService; + public function __construct( SmsSecondFactorService $smsSecondFactorService, YubikeySecondFactorService $yubikeySecondFactorService, @@ -101,7 +107,8 @@ public function __construct( CommandService $commandService, VettingProcedureRepository $vettingProcedureRepository, TranslatorInterface $translator, - IdentityService $identityService + IdentityService $identityService, + SecondFactorTypeService $secondFactorTypeService ) { $this->smsSecondFactorService = $smsSecondFactorService; $this->yubikeySecondFactorService = $yubikeySecondFactorService; @@ -111,6 +118,7 @@ public function __construct( $this->vettingProcedureRepository = $vettingProcedureRepository; $this->translator = $translator; $this->identityService = $identityService; + $this->secondFactorTypeService = $secondFactorTypeService; } /** @@ -121,7 +129,7 @@ public function isLoaSufficientToStartProcedure(StartVettingProcedureCommand $co { $secondFactorType = new SecondFactorType($command->secondFactor->type); - return $secondFactorType->isSatisfiedBy($command->authorityLoa); + return $this->secondFactorTypeService->isSatisfiedBy($secondFactorType, $command->authorityLoa); } /** diff --git a/src/Surfnet/StepupRa/RaBundle/Tests/DependencyInjection/ConfigurationTest.php b/src/Surfnet/StepupRa/RaBundle/Tests/DependencyInjection/ConfigurationTest.php index 96533b6e..22df8cf2 100644 
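Review bot: The new property docblock in VettingService uses the fully qualified `@var \Surfnet\StepupBundle\Service\SecondFactorTypeService` although this commit imports the class with a `use` statement. The matching property added to RaCandidateService uses the short name. Suggest `@var SecondFactorTypeService` here so both services document the dependency the same way.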
--- a/src/Surfnet/StepupRa/RaBundle/Tests/DependencyInjection/ConfigurationTest.php +++ b/src/Surfnet/StepupRa/RaBundle/Tests/DependencyInjection/ConfigurationTest.php @@ -99,19 +99,6 @@ public function it_allows_two_enabled_second_factors() $this->assertConfigurationIsValid([['enabled_second_factors' => ['sms', 'yubikey']]], 'enabled_second_factors'); } - /** - * @test - * @group configuration - */ - public function it_rejects_invalid_second_factor_types() - { - $this->assertPartialConfigurationIsInvalid( - [['enabled_second_factors' => ['passport']]], - 'enabled_second_factors', - 'not one of the valid types' - ); - } - protected function getConfiguration() { return new Configuration(); diff --git a/src/Surfnet/StepupRa/SamlStepupProviderBundle/DependencyInjection/Configuration.php b/src/Surfnet/StepupRa/SamlStepupProviderBundle/DependencyInjection/Configuration.php index 74a6dd82..f44dbe8a 100644 --- a/src/Surfnet/StepupRa/SamlStepupProviderBundle/DependencyInjection/Configuration.php +++ b/src/Surfnet/StepupRa/SamlStepupProviderBundle/DependencyInjection/Configuration.php @@ -22,6 +22,9 @@ use Symfony\Component\Config\Definition\Builder\TreeBuilder; use Symfony\Component\Config\Definition\ConfigurationInterface; +/** + * @SuppressWarnings(PHPMD.ExcessiveMethodLength) + */ class Configuration implements ConfigurationInterface { public function getConfigTreeBuilder() 
@@ -129,6 +132,58 @@ private function addProvidersSection(ArrayNodeDefinition $rootNode)
 ->end()
 ->end()
 ->end()
+ ->arrayNode('view_config')
+ ->children()
+ ->arrayNode('page_title')
+ ->children()
+ ->scalarNode('en_GB')
+ ->isRequired()
+ ->info('English page title translation')
+ ->end()
+ ->scalarNode('nl_NL')
+ ->isRequired()
+ ->info('Dutch alt page title translation')
+ ->end()
+ ->end()
+ ->end()
+ ->arrayNode('explanation')
+ ->children()
+ ->scalarNode('en_GB')
+ ->isRequired()
+ ->info('English explanation translation')
+ ->end()
+ ->scalarNode('nl_NL')
+ ->isRequired()
+ ->info('Dutch explanation translation')
+ ->end()
+ ->end()
+ ->end()
+ ->arrayNode('initiate')
+ ->children()
+ ->scalarNode('en_GB')
+ ->isRequired()
+ ->info('English initiate text translation')
+ ->end()
+ ->scalarNode('nl_NL')
+ ->isRequired()
+ ->info('Dutch initiate text translation')
+ ->end()
+ ->end()
+ ->end()
+ ->arrayNode('gssf_id_mismatch')
+ ->children()
+ ->scalarNode('en_GB')
+ ->isRequired()
+ ->info('English id mismatch text translation')
+ ->end()
+ ->scalarNode('nl_NL')
+ ->isRequired()
+ ->info('Dutch id mismatch text translation')
+ ->end()
+ ->end()
+ ->end()
+ ->end()
+ ->end()
 ->end();
 }
 }
diff --git a/src/Surfnet/StepupRa/SamlStepupProviderBundle/DependencyInjection/SurfnetStepupRaSamlStepupProviderExtension.php b/src/Surfnet/StepupRa/SamlStepupProviderBundle/DependencyInjection/SurfnetStepupRaSamlStepupProviderExtension.php
index 19fb7aab..d22b75e3 100644
--- a/src/Surfnet/StepupRa/SamlStepupProviderBundle/DependencyInjection/SurfnetStepupRaSamlStepupProviderExtension.php
+++ b/src/Surfnet/StepupRa/SamlStepupProviderBundle/DependencyInjection/SurfnetStepupRaSamlStepupProviderExtension.php
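Review bot: In Configuration.php, `view_config` and its four child array nodes (`page_title`, `explanation`, `initiate`, `gssf_id_mismatch`) are not marked required; only the leaf scalars are. As far as I know Symfony's config tree enforces a required child only when its parent node is present, so a provider configured without `view_config` would pass validation and then fail in the extension where `$configuration['view_config']['page_title']` is read. Adding `->isRequired()` directly after `->arrayNode('view_config')` and after each of the four child `->arrayNode(...)` calls turns the omission into a configuration error at container build time. Separately, the `nl_NL` page title hint reads `'Dutch alt page title translation'`; the stray "alt" looks like a leftover. addProvidersSection starts outside the hunk.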
@@ -80,6 +80,17 @@ private function loadProviderConfiguration( $providerDefinition->setPublic(false); $container->setDefinition('gssp.provider.' . $provider, $providerDefinition); + $viewConfigDefinition = new Definition('Surfnet\StepupRa\SamlStepupProviderBundle\Provider\ViewConfig', [ + new Reference('request'), + $configuration['view_config']['page_title'], + $configuration['view_config']['explanation'], + $configuration['view_config']['initiate'], + $configuration['view_config']['gssf_id_mismatch'], + ]); + $viewConfigDefinition->setScope('request'); + + $container->setDefinition('gssp.view_config.' . $provider, $viewConfigDefinition); + $container ->getDefinition('gssp.provider_repository') ->addMethodCall('addProvider', [new Reference('gssp.provider.' . $provider)]); diff --git a/src/Surfnet/StepupRa/SamlStepupProviderBundle/Provider/ViewConfig.php b/src/Surfnet/StepupRa/SamlStepupProviderBundle/Provider/ViewConfig.php new file mode 100644 index 00000000..d8b96f40 --- /dev/null +++ b/src/Surfnet/StepupRa/SamlStepupProviderBundle/Provider/ViewConfig.php 
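Review bot: The ViewConfig definition takes `new Reference('request')` and is placed in the `request` scope, which ties the service to container scopes. Symfony provides `request_stack` as the replacement for injecting the request directly and later removed scopes, so this wiring will need rework on upgrade; the Symfony version in use is not visible here. Consider `new Reference('request_stack')` as the first argument, dropping `$viewConfigDefinition->setScope('request');`, and having ViewConfig read the locale from `getCurrentRequest()` when a translation is requested. loadProviderConfiguration starts and ends outside the hunk.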
@@ -0,0 +1,130 @@ +request = $request; + $this->pageTitle = $pageTitle; + $this->explanation = $explanation; + $this->initiate = $initiate; + $this->gssfIdMismatch = $gssfIdMismatch; + } + + /** + * @return array + */ + public function getExplanation() + { + return $this->getTranslation($this->explanation); + } + + /** + * @return array + */ + public function getGssfIdMismatch() + { + return $this->getTranslation($this->gssfIdMismatch); + } + + /** + * @return array + */ + public function getInitiate() + { + return $this->getTranslation($this->initiate); + } + + /** + * @return array + */ + public function getPageTitle() + { + return $this->getTranslation($this->pageTitle); + } + + /** + * @param array $translations + * @return mixed + * @throws LogicException + */ + private function getTranslation(array $translations) + { + $currentLocale = $this->request->getLocale(); + if (is_null($currentLocale)) { + throw new LogicException('The current language is not set'); + } + if (isset($translations[$currentLocale])) { + return $translations[$currentLocale]; + } + throw new LogicException( + sprintf( + 'The requested translation is not available in this language: %s. Available languages: %s', + $currentLocale, + implode(', ', array_keys($translations)) + ) + ); + } +} diff --git a/src/Surfnet/StepupRa/SamlStepupProviderBundle/Tests/Provider/ViewConfigTest.php b/src/Surfnet/StepupRa/SamlStepupProviderBundle/Tests/Provider/ViewConfigTest.php new file mode 100644 index 00000000..a19e4abd --- /dev/null +++ b/src/Surfnet/StepupRa/SamlStepupProviderBundle/Tests/Provider/ViewConfigTest.php 
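Review bot: The four public getters in ViewConfig are documented as `@return array`, but each returns `getTranslation(...)`, which hands back the single entry `$translations[$currentLocale]`. Going by the scalar nodes in the configuration tree and the assertions in ViewConfigTest, that value is a string. Suggest `@return string` on `getExplanation()`, `getGssfIdMismatch()`, `getInitiate()` and `getPageTitle()`, and `@return string` instead of `@return mixed` on `getTranslation()`. Note also that `getTranslation()` puts the request locale into the exception message, so whatever renders or logs this LogicException should treat it as request-derived text. The top of the file (namespace, imports, property declarations, constructor signature) is not shown on this page.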
@@ -0,0 +1,105 @@ +buildViewConfig('nl_NL'); + + $this->assertEquals('NL pageTitle', $viewConfig->getPageTitle()); + $this->assertEquals('NL explanation', $viewConfig->getExplanation()); + $this->assertEquals('NL initiate', $viewConfig->getInitiate()); + $this->assertEquals('NL gssfIdMismatch', $viewConfig->getGssfIdMismatch()); + + $viewConfig = $this->buildViewConfig('en_GB'); + $this->assertEquals('EN pageTitle', $viewConfig->getPageTitle()); + $this->assertEquals('EN explanation', $viewConfig->getExplanation()); + $this->assertEquals('EN initiate', $viewConfig->getInitiate()); + $this->assertEquals('EN gssfIdMismatch', $viewConfig->getGssfIdMismatch()); + } + + /** + * @test + * @group di + * @expectedException \Surfnet\StepupRa\RaBundle\Exception\LogicException + * @expectedExceptionMessage The current language is not set + */ + public function translation_fails_when_no_current_language_set() + { + $viewConfig = $this->buildViewConfig(null); + $viewConfig->getExplanation(); + } + + /** + * @test + * @group di + * @expectedException \Surfnet\StepupRa\RaBundle\Exception\LogicException + * @expectedExceptionMessage The requested translation is not available in this language: fr_FR. + * Available languages: en_GB, nl_NL + */ + public function view_config_cannot_serve_french_translations() + { + $viewConfig = $this->buildViewConfig('fr_FR'); + $viewConfig->getGssfIdMismatch(); + } + + /** + * @param string $locale + * @return ViewConfig + */ + private function buildViewConfig($locale = '') + { + $request = m::mock(Request::class); + $request->shouldReceive('getLocale')->andReturn($locale)->byDefault(); + return new ViewConfig( + $request, + $this->getTranslationsArray('pageTitle'), + $this->getTranslationsArray('explanation'), + $this->getTranslationsArray('initiate'), + $this->getTranslationsArray('gssfIdMismatch') + ); + } + + /** + * @param $string + * @return array + */ + private function getTranslationsArray($string) + { + return [ + 'en_GB' => 'EN ' . 
$string, + 'nl_NL' => 'NL ' . $string, + ]; + } +}
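Review bot: In `view_config_cannot_serve_french_translations` the `@expectedExceptionMessage` value is wrapped onto a second docblock line. As far as I know PHPUnit reads an annotation value only up to the end of its line, so the `Available languages: en_GB, nl_NL` part is probably not asserted. Keeping the annotation on one line, or setting the expected message in the test body, would pin the whole message. `buildViewConfig($locale = '')` also has a default that no visible test relies on; dropping it makes each test state its locale explicitly. The opening lines of the first test method are not shown on this page.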