diff --git a/app/AppKernel.php b/app/AppKernel.php
index b7f21267..7c5ec36d 100644
--- a/app/AppKernel.php
+++ b/app/AppKernel.php
@@ -28,7 +28,6 @@ public function registerBundles()
             new Symfony\Bundle\SecurityBundle\SecurityBundle(),
             new Symfony\Bundle\TwigBundle\TwigBundle(),
             new Symfony\Bundle\MonologBundle\MonologBundle(),
-            new Symfony\Bundle\SwiftmailerBundle\SwiftmailerBundle(),
             new Symfony\Bundle\AsseticBundle\AsseticBundle(),
             new Sensio\Bundle\FrameworkExtraBundle\SensioFrameworkExtraBundle(),
             new Surfnet\StepupRa\RaBundle\SurfnetStepupRaRaBundle(),
diff --git a/app/Resources/translations/messages.en_GB.xliff b/app/Resources/translations/messages.en_GB.xliff
index 2eb4425b..81a875dc 100644
--- a/app/Resources/translations/messages.en_GB.xliff
+++ b/app/Resources/translations/messages.en_GB.xliff
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="utf-8"?>
 <xliff xmlns="urn:oasis:names:tc:xliff:document:1.2" xmlns:jms="urn:jms:translation" version="1.2">
-  <file date="2016-11-25T16:20:09Z" source-language="en" target-language="en_GB" datatype="plaintext" original="not.available">
+  <file date="2017-06-15T15:47:58Z" source-language="en" target-language="en_GB" datatype="plaintext" original="not.available">
     <header>
       <tool tool-id="JMSTranslationBundle" tool-name="JMSTranslationBundle" tool-version="1.1.0-DEV"/>
       <note>The source node in most cases contains the sample message as written by the developer. If it looks like a dot-delimitted string such as "form.label.firstname", then the developer has not provided a default message.</note>
@@ -33,72 +33,72 @@
         <target>Nederlands</target>
       </trans-unit>
       <trans-unit id="37836182b3260cbaf343a44bfb622776839666cc" resname="ra.auditlog.action.accredited_as_ra">
-        <jms:reference-file line="63">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="53">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.auditlog.action.accredited_as_ra</source>
         <target>Accredited as RA</target>
       </trans-unit>
       <trans-unit id="66b320bfe1f15eabe6e0baa04e94b71c2152f8e2" resname="ra.auditlog.action.accredited_as_raa">
-        <jms:reference-file line="64">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="54">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.auditlog.action.accredited_as_raa</source>
         <target>Accredited as RAA</target>
       </trans-unit>
       <trans-unit id="ba50c2f5a7066cd14d8ae1f33c5f4decc892d0b7" resname="ra.auditlog.action.appointed_as_ra">
-        <jms:reference-file line="65">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="55">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.auditlog.action.appointed_as_ra</source>
         <target>Appointed as RA</target>
       </trans-unit>
       <trans-unit id="f1a9c08794cd9c91a7f63841cc1c9ff61c3da452" resname="ra.auditlog.action.appointed_as_raa">
-        <jms:reference-file line="66">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="56">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.auditlog.action.appointed_as_raa</source>
         <target>Appointed as RAA</target>
       </trans-unit>
       <trans-unit id="9c05a55d8f3ef06afe4f9d81883c0cd6dc415933" resname="ra.auditlog.action.bootstrapped">
-        <jms:reference-file line="62">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="52">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.auditlog.action.bootstrapped</source>
         <target>Identity and Token bootstrapped</target>
       </trans-unit>
       <trans-unit id="c9199d83adb7c6ebeaa6cfe08d2fc57f308677a9" resname="ra.auditlog.action.created">
-        <jms:reference-file line="57">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="47">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.auditlog.action.created</source>
         <target>Identity Created</target>
       </trans-unit>
       <trans-unit id="f2264e8a139e432bc0b30abd24ab34750e944da0" resname="ra.auditlog.action.email_changed">
-        <jms:reference-file line="58">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="48">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.auditlog.action.email_changed</source>
         <target>E-mail changed</target>
       </trans-unit>
       <trans-unit id="8750a7f384fd2159c68613b478b283083c45f8fa" resname="ra.auditlog.action.email_verified">
-        <jms:reference-file line="55">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="45">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.auditlog.action.email_verified</source>
         <target>E-mail verified</target>
       </trans-unit>
       <trans-unit id="59b375a103f9bff34d2da25cb0563524354b357d" resname="ra.auditlog.action.possession_proven">
-        <jms:reference-file line="56">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="46">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.auditlog.action.possession_proven</source>
         <target>Token possession proven</target>
       </trans-unit>
       <trans-unit id="6182cba621f2930f0600729d0cf846477b645851" resname="ra.auditlog.action.renamed">
-        <jms:reference-file line="59">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="49">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.auditlog.action.renamed</source>
         <target>Name changed</target>
       </trans-unit>
       <trans-unit id="625f464c28c526a1fb856c5c6c8387e8d4c49518" resname="ra.auditlog.action.retracted_as_ra">
-        <jms:reference-file line="67">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="57">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.auditlog.action.retracted_as_ra</source>
         <target>Removed as RA(A)</target>
       </trans-unit>
       <trans-unit id="3b4520b328a4b841d468fd967962d674db2d2947" resname="ra.auditlog.action.revoked">
-        <jms:reference-file line="61">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="51">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.auditlog.action.revoked</source>
         <target>Token revoked</target>
       </trans-unit>
       <trans-unit id="cfa1707c5ee601824695a03199bac938cbac9a62" resname="ra.auditlog.action.revoked_by_ra">
-        <jms:reference-file line="54">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="44">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.auditlog.action.revoked_by_ra</source>
         <target>Token revoked by RA</target>
       </trans-unit>
       <trans-unit id="0685bbf771d00c304c5807c48e34ba0c8b73b3eb" resname="ra.auditlog.action.vetted">
-        <jms:reference-file line="60">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="50">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.auditlog.action.vetted</source>
         <target>Token vetted</target>
       </trans-unit>
@@ -158,8 +158,8 @@
         <target>RA location successfully created</target>
       </trans-unit>
       <trans-unit id="5a045b50111a6cdd614329837fa07cbf64d896a6" resname="ra.error.button.go_home">
-        <jms:reference-file line="12">views/Exception/error.html.twig</jms:reference-file>
         <jms:reference-file line="12">views/Exception/error404.html.twig</jms:reference-file>
+        <jms:reference-file line="12">views/Exception/error.html.twig</jms:reference-file>
         <source>ra.error.button.go_home</source>
         <target>Back to Home</target>
       </trans-unit>
@@ -254,8 +254,8 @@
         <target>Please report this error + error code to the helpdesk via support@surfconext.nl</target>
       </trans-unit>
       <trans-unit id="97cec45f4b04606121bd0a6613f2673f4e55eff7" resname="ra.error.text.your_art_code">
-        <jms:reference-file line="16">views/Exception/error.html.twig</jms:reference-file>
         <jms:reference-file line="16">views/Exception/error404.html.twig</jms:reference-file>
+        <jms:reference-file line="16">views/Exception/error.html.twig</jms:reference-file>
         <source>ra.error.text.your_art_code</source>
         <target>The error code is:</target>
       </trans-unit>
@@ -285,12 +285,12 @@
         <target>Due to an unknown reason, switching locales failed.</target>
       </trans-unit>
       <trans-unit id="c73b11f71b8ad5d46b3e42e649919aee4bc9ece5" resname="ra.form.extension.ra_role_choice.ra">
-        <jms:reference-file line="50">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="40">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.form.extension.ra_role_choice.ra</source>
         <target>RA</target>
       </trans-unit>
       <trans-unit id="e55aa3fd11b0cd43d84e2e3e41be6729e7fc35f0" resname="ra.form.extension.ra_role_choice.raa">
-        <jms:reference-file line="51">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="41">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.form.extension.ra_role_choice.raa</source>
         <target>RAA</target>
       </trans-unit>
@@ -330,8 +330,8 @@
         <target>E-mail</target>
       </trans-unit>
       <trans-unit id="9f4c34138ef487cdf008770c1257b06291343831" resname="ra.form.ra_search_ra_candidates.label.name">
-        <jms:reference-file line="31">Form/Type/ChangeRaLocationType.php</jms:reference-file>
         <jms:reference-file line="31">Form/Type/SearchRaCandidatesType.php</jms:reference-file>
+        <jms:reference-file line="31">Form/Type/ChangeRaLocationType.php</jms:reference-file>
         <source>ra.form.ra_search_ra_candidates.label.name</source>
         <target>Name</target>
       </trans-unit>
@@ -476,7 +476,7 @@
         <target>Verify identity</target>
       </trans-unit>
       <trans-unit id="584ef35d6af2f2917e708a1a6092f0b0938151e4" resname="ra.management.amend_ra_info.error.middleware_command_failed">
-        <jms:reference-file line="74">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="64">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.management.amend_ra_info.error.middleware_command_failed</source>
         <target>The amendment of the RA's information failed due to a server error.</target>
       </trans-unit>
@@ -564,7 +564,7 @@
         <target>The Registration Authority has been granted the selected role</target>
       </trans-unit>
       <trans-unit id="f2d212150076ce42ffe47d514f182ad5e7a6c9fe" resname="ra.management.create_ra.error.middleware_command_failed">
-        <jms:reference-file line="73">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="63">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.management.create_ra.error.middleware_command_failed</source>
         <target>The identity could not be granted the chosen role due to a server error.</target>
       </trans-unit>
@@ -714,8 +714,8 @@
         <target>Change Role</target>
       </trans-unit>
       <trans-unit id="249a6c69487c5477929e1dac383aa2d02fb25198" resname="ra.management.overview.common_name">
-        <jms:reference-file line="13">views/RaManagement/manage.html.twig</jms:reference-file>
         <jms:reference-file line="26">views/Vetting/verifyIdentity.html.twig</jms:reference-file>
+        <jms:reference-file line="13">views/RaManagement/manage.html.twig</jms:reference-file>
         <source>ra.management.overview.common_name</source>
         <target>Name</target>
       </trans-unit>
@@ -740,17 +740,17 @@
         <target>Role</target>
       </trans-unit>
       <trans-unit id="64d8691325da6d2b996fd48f7da7a382fdeb22e7" resname="ra.management.overview.role.value.ra">
-        <jms:reference-file line="70">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="60">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.management.overview.role.value.ra</source>
         <target>RA</target>
       </trans-unit>
       <trans-unit id="ac982ab35b7b5438a72cb6e243975c8ddd35e148" resname="ra.management.overview.role.value.raa">
-        <jms:reference-file line="71">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="61">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.management.overview.role.value.raa</source>
         <target>RAA</target>
       </trans-unit>
       <trans-unit id="53c4452d09c417bfb728d1e738b2ae2bbff3c883" resname="ra.management.overview.role.value.sraa">
-        <jms:reference-file line="72">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="62">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.management.overview.role.value.sraa</source>
         <target>SRAA</target>
       </trans-unit>
@@ -1127,7 +1127,7 @@
         <target>Identity verification failed</target>
       </trans-unit>
       <trans-unit id="eff2ebc67229b22b80526799953593c40a2c6ef9" resname="ra.verify_identity.registration_code_expired">
-        <jms:reference-file line="228">RaBundle/Controller/VettingController.php</jms:reference-file>
+        <jms:reference-file line="231">RaBundle/Controller/VettingController.php</jms:reference-file>
         <jms:reference-file line="10">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.verify_identity.registration_code_expired</source>
         <target>The activation code has expired. First, delete the current token registration of the user (by RA or user). The user then starts a new registration on %self_service_url% and will receive a new activation code that is valid for 14 days.</target>
@@ -1151,59 +1151,19 @@
         <jms:reference-file line="51">Form/Type/VerifyIdentityType.php</jms:reference-file>
         <jms:reference-file line="47">Form/Type/VerifyPhoneNumberType.php</jms:reference-file>
         <jms:reference-file line="5">Vetting/partial/cancelVettingProcedure.html.twig</jms:reference-file>
+        <jms:reference-file line="56">views/Vetting/verifyIdentity.html.twig</jms:reference-file>
         <jms:reference-file line="47">Vetting/Sms/provePossession.html.twig</jms:reference-file>
         <jms:reference-file line="47">Vetting/Sms/sendChallenge.html.twig</jms:reference-file>
-        <jms:reference-file line="56">views/Vetting/verifyIdentity.html.twig</jms:reference-file>
         <source>ra.vetting.button.cancel_procedure</source>
         <target>Cancel</target>
       </trans-unit>
       <trans-unit id="32b7bc724e0d07eac8325753ae89605966b495c7" resname="ra.vetting.flash.cancelled">
+        <jms:reference-file line="157">RaBundle/Controller/VettingController.php</jms:reference-file>
+        <jms:reference-file line="187">RaBundle/Controller/VettingController.php</jms:reference-file>
         <jms:reference-file line="120">Controller/Vetting/SmsController.php</jms:reference-file>
-        <jms:reference-file line="154">RaBundle/Controller/VettingController.php</jms:reference-file>
-        <jms:reference-file line="184">RaBundle/Controller/VettingController.php</jms:reference-file>
         <source>ra.vetting.flash.cancelled</source>
         <target>The vetting procedure was cancelled.</target>
       </trans-unit>
-      <trans-unit id="1dec0b54fa1739f15b995a5a8a3acb03adeff07d" resname="ra.vetting.gssf.initiate.biometric.button.initiate">
-        <jms:reference-file line="46">Resources/views/translations.html.twig</jms:reference-file>
-        <source>ra.vetting.gssf.initiate.biometric.button.initiate</source>
-        <target>Verify biometrics</target>
-      </trans-unit>
-      <trans-unit id="94b9f4e4392a0b3cdf5cff65cf8951cb2ee4b3ba" resname="ra.vetting.gssf.initiate.biometric.error.gssf_id_mismatch">
-        <jms:reference-file line="47">Resources/views/translations.html.twig</jms:reference-file>
-        <source>ra.vetting.gssf.initiate.biometric.error.gssf_id_mismatch</source>
-        <target>The biometric device returned a different ID than was registered in the Self-Service application.</target>
-      </trans-unit>
-      <trans-unit id="900abec75af2dfb739b1f7a9e73695385893b0d0" resname="ra.vetting.gssf.initiate.biometric.text.explanation">
-        <jms:reference-file line="45">Resources/views/translations.html.twig</jms:reference-file>
-        <source>ra.vetting.gssf.initiate.biometric.text.explanation</source>
-        <target>Click the button below to verify the registrant biometrically.</target>
-      </trans-unit>
-      <trans-unit id="ee546154768e6aa0c5075029912a2b01d7cd5ab6" resname="ra.vetting.gssf.initiate.biometric.title.page">
-        <jms:reference-file line="44">Resources/views/translations.html.twig</jms:reference-file>
-        <source>ra.vetting.gssf.initiate.biometric.title.page</source>
-        <target>Verify biometrics</target>
-      </trans-unit>
-      <trans-unit id="485287b4d4e2f13a9df979601799e727821b9817" resname="ra.vetting.gssf.initiate.tiqr.button.initiate">
-        <jms:reference-file line="42">Resources/views/translations.html.twig</jms:reference-file>
-        <source>ra.vetting.gssf.initiate.tiqr.button.initiate</source>
-        <target>Verify with Tiqr</target>
-      </trans-unit>
-      <trans-unit id="e6ca047d4a5ae812276be6e8ece30cc7d6102af2" resname="ra.vetting.gssf.initiate.tiqr.error.gssf_id_mismatch">
-        <jms:reference-file line="43">Resources/views/translations.html.twig</jms:reference-file>
-        <source>ra.vetting.gssf.initiate.tiqr.error.gssf_id_mismatch</source>
-        <target>The Tiqr server responded with an ID that doesn't match the requested ID the registrant registered with using the Self-Service application.</target>
-      </trans-unit>
-      <trans-unit id="a5ec286b6d7f1ba6056eb720211d748ca9e8844c" resname="ra.vetting.gssf.initiate.tiqr.text.explanation">
-        <jms:reference-file line="41">Resources/views/translations.html.twig</jms:reference-file>
-        <source>ra.vetting.gssf.initiate.tiqr.text.explanation</source>
-        <target>Click the button below to verify the registrant owns the Tiqr account he or she registered with in the Self-Service application.</target>
-      </trans-unit>
-      <trans-unit id="cb3ffa7493a6cbda2c134ee5c2b80f193f822737" resname="ra.vetting.gssf.initiate.tiqr.title.page">
-        <jms:reference-file line="40">Resources/views/translations.html.twig</jms:reference-file>
-        <source>ra.vetting.gssf.initiate.tiqr.title.page</source>
-        <target>Verify with Tiqr</target>
-      </trans-unit>
       <trans-unit id="3f708a1089bb9a75621006456174cd658d18b541" resname="ra.vetting.progress_bar.enter_registration_code">
         <jms:reference-file line="2">Vetting/partial/progressBar.html.twig</jms:reference-file>
         <source>ra.vetting.progress_bar.enter_registration_code</source>
@@ -1250,7 +1210,7 @@
         <target>Token type disabled</target>
       </trans-unit>
       <trans-unit id="8e4a356a46fe95b04ae1cbb201b8d62e15670b2e" resname="ra.vetting.sms.challenge_body">
-        <jms:reference-file line="216">RaBundle/Service/VettingService.php</jms:reference-file>
+        <jms:reference-file line="224">RaBundle/Service/VettingService.php</jms:reference-file>
         <source>ra.vetting.sms.challenge_body</source>
         <target>Your code: %challenge%</target>
       </trans-unit>
@@ -1300,12 +1260,12 @@
         <target>Home</target>
       </trans-unit>
       <trans-unit id="385d56fffaf0e844dcd7b164b18741f050ba28e7" resname="ra.vetting.u2f.alert.device_reported_an_error">
-        <jms:reference-file line="77">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="67">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.vetting.u2f.alert.device_reported_an_error</source>
         <target>The U2F device reported an error. Try again or visit your IT helpdesk.</target>
       </trans-unit>
       <trans-unit id="467eb86ef7b096d0e14386714ef1b120c3f6b834" resname="ra.vetting.u2f.alert.error">
-        <jms:reference-file line="78">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="68">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.vetting.u2f.alert.error</source>
         <target>The authentication using the U2F device failed. Try again or visit your IT helpdesk.</target>
       </trans-unit>
diff --git a/app/Resources/translations/messages.nl_NL.xliff b/app/Resources/translations/messages.nl_NL.xliff
index 5987368a..0564dc2a 100644
--- a/app/Resources/translations/messages.nl_NL.xliff
+++ b/app/Resources/translations/messages.nl_NL.xliff
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="utf-8"?>
 <xliff xmlns="urn:oasis:names:tc:xliff:document:1.2" xmlns:jms="urn:jms:translation" version="1.2">
-  <file date="2016-11-25T16:20:48Z" source-language="en" target-language="nl_NL" datatype="plaintext" original="not.available">
+  <file date="2017-06-15T15:47:50Z" source-language="en" target-language="nl_NL" datatype="plaintext" original="not.available">
     <header>
       <tool tool-id="JMSTranslationBundle" tool-name="JMSTranslationBundle" tool-version="1.1.0-DEV"/>
       <note>The source node in most cases contains the sample message as written by the developer. If it looks like a dot-delimitted string such as "form.label.firstname", then the developer has not provided a default message.</note>
@@ -33,72 +33,72 @@
         <target>Nederlands</target>
       </trans-unit>
       <trans-unit id="37836182b3260cbaf343a44bfb622776839666cc" resname="ra.auditlog.action.accredited_as_ra">
-        <jms:reference-file line="63">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="53">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.auditlog.action.accredited_as_ra</source>
         <target>Geaccrediteerd als RA</target>
       </trans-unit>
       <trans-unit id="66b320bfe1f15eabe6e0baa04e94b71c2152f8e2" resname="ra.auditlog.action.accredited_as_raa">
-        <jms:reference-file line="64">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="54">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.auditlog.action.accredited_as_raa</source>
         <target>Geaccrediteerd als RAA</target>
       </trans-unit>
       <trans-unit id="ba50c2f5a7066cd14d8ae1f33c5f4decc892d0b7" resname="ra.auditlog.action.appointed_as_ra">
-        <jms:reference-file line="65">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="55">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.auditlog.action.appointed_as_ra</source>
         <target>RA rol toegewezen gekregen</target>
       </trans-unit>
       <trans-unit id="f1a9c08794cd9c91a7f63841cc1c9ff61c3da452" resname="ra.auditlog.action.appointed_as_raa">
-        <jms:reference-file line="66">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="56">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.auditlog.action.appointed_as_raa</source>
         <target>RAA rol toegewezen gekregen</target>
       </trans-unit>
       <trans-unit id="9c05a55d8f3ef06afe4f9d81883c0cd6dc415933" resname="ra.auditlog.action.bootstrapped">
-        <jms:reference-file line="62">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="52">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.auditlog.action.bootstrapped</source>
         <target>Identiteit en Token gebootstrapped</target>
       </trans-unit>
       <trans-unit id="c9199d83adb7c6ebeaa6cfe08d2fc57f308677a9" resname="ra.auditlog.action.created">
-        <jms:reference-file line="57">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="47">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.auditlog.action.created</source>
         <target>Identiteit aangemaakt</target>
       </trans-unit>
       <trans-unit id="f2264e8a139e432bc0b30abd24ab34750e944da0" resname="ra.auditlog.action.email_changed">
-        <jms:reference-file line="58">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="48">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.auditlog.action.email_changed</source>
         <target>E-mail gewijzigd</target>
       </trans-unit>
       <trans-unit id="8750a7f384fd2159c68613b478b283083c45f8fa" resname="ra.auditlog.action.email_verified">
-        <jms:reference-file line="55">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="45">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.auditlog.action.email_verified</source>
         <target>E-mail geverifieerd</target>
       </trans-unit>
       <trans-unit id="59b375a103f9bff34d2da25cb0563524354b357d" resname="ra.auditlog.action.possession_proven">
-        <jms:reference-file line="56">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="46">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.auditlog.action.possession_proven</source>
         <target>Bezit aangetoond</target>
       </trans-unit>
       <trans-unit id="6182cba621f2930f0600729d0cf846477b645851" resname="ra.auditlog.action.renamed">
-        <jms:reference-file line="59">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="49">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.auditlog.action.renamed</source>
         <target>Naam gewijzigd</target>
       </trans-unit>
       <trans-unit id="625f464c28c526a1fb856c5c6c8387e8d4c49518" resname="ra.auditlog.action.retracted_as_ra">
-        <jms:reference-file line="67">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="57">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.auditlog.action.retracted_as_ra</source>
         <target>Verwijderd als RA(A)</target>
       </trans-unit>
       <trans-unit id="3b4520b328a4b841d468fd967962d674db2d2947" resname="ra.auditlog.action.revoked">
-        <jms:reference-file line="61">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="51">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.auditlog.action.revoked</source>
         <target>Token verwijderd</target>
       </trans-unit>
       <trans-unit id="cfa1707c5ee601824695a03199bac938cbac9a62" resname="ra.auditlog.action.revoked_by_ra">
-        <jms:reference-file line="54">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="44">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.auditlog.action.revoked_by_ra</source>
         <target>Token verwijderd door RA</target>
       </trans-unit>
       <trans-unit id="0685bbf771d00c304c5807c48e34ba0c8b73b3eb" resname="ra.auditlog.action.vetted">
-        <jms:reference-file line="60">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="50">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.auditlog.action.vetted</source>
         <target>Token gevet</target>
       </trans-unit>
@@ -158,8 +158,8 @@
         <target>RA-locatie succesvol aangemaakt</target>
       </trans-unit>
       <trans-unit id="5a045b50111a6cdd614329837fa07cbf64d896a6" resname="ra.error.button.go_home">
-        <jms:reference-file line="12">views/Exception/error.html.twig</jms:reference-file>
         <jms:reference-file line="12">views/Exception/error404.html.twig</jms:reference-file>
+        <jms:reference-file line="12">views/Exception/error.html.twig</jms:reference-file>
         <source>ra.error.button.go_home</source>
         <target>Terug naar Home</target>
       </trans-unit>
@@ -254,8 +254,8 @@
         <target>Meld deze error code aan de helpdesk via support@surfconext.nl</target>
       </trans-unit>
       <trans-unit id="97cec45f4b04606121bd0a6613f2673f4e55eff7" resname="ra.error.text.your_art_code">
-        <jms:reference-file line="16">views/Exception/error.html.twig</jms:reference-file>
         <jms:reference-file line="16">views/Exception/error404.html.twig</jms:reference-file>
+        <jms:reference-file line="16">views/Exception/error.html.twig</jms:reference-file>
         <source>ra.error.text.your_art_code</source>
         <target>De fout code is:</target>
       </trans-unit>
@@ -285,12 +285,12 @@
         <target>Het wisselen van taal is mislukt wegens een onbekende reden.</target>
       </trans-unit>
       <trans-unit id="c73b11f71b8ad5d46b3e42e649919aee4bc9ece5" resname="ra.form.extension.ra_role_choice.ra">
-        <jms:reference-file line="50">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="40">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.form.extension.ra_role_choice.ra</source>
         <target>RA</target>
       </trans-unit>
       <trans-unit id="e55aa3fd11b0cd43d84e2e3e41be6729e7fc35f0" resname="ra.form.extension.ra_role_choice.raa">
-        <jms:reference-file line="51">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="41">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.form.extension.ra_role_choice.raa</source>
         <target>RAA</target>
       </trans-unit>
@@ -330,8 +330,8 @@
         <target>E-mail</target>
       </trans-unit>
       <trans-unit id="9f4c34138ef487cdf008770c1257b06291343831" resname="ra.form.ra_search_ra_candidates.label.name">
-        <jms:reference-file line="31">Form/Type/ChangeRaLocationType.php</jms:reference-file>
         <jms:reference-file line="31">Form/Type/SearchRaCandidatesType.php</jms:reference-file>
+        <jms:reference-file line="31">Form/Type/ChangeRaLocationType.php</jms:reference-file>
         <source>ra.form.ra_search_ra_candidates.label.name</source>
         <target>Naam</target>
       </trans-unit>
@@ -476,7 +476,7 @@
         <target>Verifieer identiteit</target>
       </trans-unit>
       <trans-unit id="584ef35d6af2f2917e708a1a6092f0b0938151e4" resname="ra.management.amend_ra_info.error.middleware_command_failed">
-        <jms:reference-file line="74">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="64">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.management.amend_ra_info.error.middleware_command_failed</source>
         <target>Het wijzigen van de gegevens van de RA is mislukt vanwege een serverfout.</target>
       </trans-unit>
@@ -564,7 +564,7 @@
         <target>De Registratie Authoriteit heeft de gekozen rol toegewezen gekregen</target>
       </trans-unit>
       <trans-unit id="f2d212150076ce42ffe47d514f182ad5e7a6c9fe" resname="ra.management.create_ra.error.middleware_command_failed">
-        <jms:reference-file line="73">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="63">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.management.create_ra.error.middleware_command_failed</source>
         <target>De gekozen rol kon niet aan de identiteit toegekend worden vanwege een serverfout.</target>
       </trans-unit>
@@ -714,8 +714,8 @@
         <target>Verander Rol</target>
       </trans-unit>
       <trans-unit id="249a6c69487c5477929e1dac383aa2d02fb25198" resname="ra.management.overview.common_name">
-        <jms:reference-file line="13">views/RaManagement/manage.html.twig</jms:reference-file>
         <jms:reference-file line="26">views/Vetting/verifyIdentity.html.twig</jms:reference-file>
+        <jms:reference-file line="13">views/RaManagement/manage.html.twig</jms:reference-file>
         <source>ra.management.overview.common_name</source>
         <target>Naam</target>
       </trans-unit>
@@ -740,17 +740,17 @@
         <target>Rol</target>
       </trans-unit>
       <trans-unit id="64d8691325da6d2b996fd48f7da7a382fdeb22e7" resname="ra.management.overview.role.value.ra">
-        <jms:reference-file line="70">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="60">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.management.overview.role.value.ra</source>
         <target>RA</target>
       </trans-unit>
       <trans-unit id="ac982ab35b7b5438a72cb6e243975c8ddd35e148" resname="ra.management.overview.role.value.raa">
-        <jms:reference-file line="71">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="61">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.management.overview.role.value.raa</source>
         <target>RAA</target>
       </trans-unit>
       <trans-unit id="53c4452d09c417bfb728d1e738b2ae2bbff3c883" resname="ra.management.overview.role.value.sraa">
-        <jms:reference-file line="72">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="62">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.management.overview.role.value.sraa</source>
         <target>SRAA</target>
       </trans-unit>
@@ -1127,7 +1127,7 @@
         <target>De verificatie van de identiteit is mislukt</target>
       </trans-unit>
       <trans-unit id="eff2ebc67229b22b80526799953593c40a2c6ef9" resname="ra.verify_identity.registration_code_expired">
-        <jms:reference-file line="228">RaBundle/Controller/VettingController.php</jms:reference-file>
+        <jms:reference-file line="231">RaBundle/Controller/VettingController.php</jms:reference-file>
         <jms:reference-file line="10">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.verify_identity.registration_code_expired</source>
         <target>De activatie code is verlopen. Verwijder eerst de huidige token registratie (door RA of gebruiker). De gebruiker start vervolgens een nieuwe registratie via %self_service_url% en ontvangt een nieuwe activatiecode die weer 14 dagen geldig blijft.</target>
@@ -1151,59 +1151,19 @@
         <jms:reference-file line="51">Form/Type/VerifyIdentityType.php</jms:reference-file>
         <jms:reference-file line="47">Form/Type/VerifyPhoneNumberType.php</jms:reference-file>
         <jms:reference-file line="5">Vetting/partial/cancelVettingProcedure.html.twig</jms:reference-file>
+        <jms:reference-file line="56">views/Vetting/verifyIdentity.html.twig</jms:reference-file>
         <jms:reference-file line="47">Vetting/Sms/provePossession.html.twig</jms:reference-file>
         <jms:reference-file line="47">Vetting/Sms/sendChallenge.html.twig</jms:reference-file>
-        <jms:reference-file line="56">views/Vetting/verifyIdentity.html.twig</jms:reference-file>
         <source>ra.vetting.button.cancel_procedure</source>
         <target>Annuleren</target>
       </trans-unit>
       <trans-unit id="32b7bc724e0d07eac8325753ae89605966b495c7" resname="ra.vetting.flash.cancelled">
+        <jms:reference-file line="157">RaBundle/Controller/VettingController.php</jms:reference-file>
+        <jms:reference-file line="187">RaBundle/Controller/VettingController.php</jms:reference-file>
         <jms:reference-file line="120">Controller/Vetting/SmsController.php</jms:reference-file>
-        <jms:reference-file line="154">RaBundle/Controller/VettingController.php</jms:reference-file>
-        <jms:reference-file line="184">RaBundle/Controller/VettingController.php</jms:reference-file>
         <source>ra.vetting.flash.cancelled</source>
         <target>De activatieprocedure is afgebroken.</target>
       </trans-unit>
-      <trans-unit id="1dec0b54fa1739f15b995a5a8a3acb03adeff07d" resname="ra.vetting.gssf.initiate.biometric.button.initiate">
-        <jms:reference-file line="46">Resources/views/translations.html.twig</jms:reference-file>
-        <source>ra.vetting.gssf.initiate.biometric.button.initiate</source>
-        <target>Biometrie verifiëren</target>
-      </trans-unit>
-      <trans-unit id="94b9f4e4392a0b3cdf5cff65cf8951cb2ee4b3ba" resname="ra.vetting.gssf.initiate.biometric.error.gssf_id_mismatch">
-        <jms:reference-file line="47">Resources/views/translations.html.twig</jms:reference-file>
-        <source>ra.vetting.gssf.initiate.biometric.error.gssf_id_mismatch</source>
-        <target>Het biometrisch apparaat heeft een ID teruggegeven dat niet overeenkomt met het gevraagde ID, dat de registrant heeft geregistreerd in de Self-Service-applicatie.</target>
-      </trans-unit>
-      <trans-unit id="900abec75af2dfb739b1f7a9e73695385893b0d0" resname="ra.vetting.gssf.initiate.biometric.text.explanation">
-        <jms:reference-file line="45">Resources/views/translations.html.twig</jms:reference-file>
-        <source>ra.vetting.gssf.initiate.biometric.text.explanation</source>
-        <target>Klik de knop hieronder om de registrant biometrisch te verifiëren.</target>
-      </trans-unit>
-      <trans-unit id="ee546154768e6aa0c5075029912a2b01d7cd5ab6" resname="ra.vetting.gssf.initiate.biometric.title.page">
-        <jms:reference-file line="44">Resources/views/translations.html.twig</jms:reference-file>
-        <source>ra.vetting.gssf.initiate.biometric.title.page</source>
-        <target>Biometrie verifiëren</target>
-      </trans-unit>
-      <trans-unit id="485287b4d4e2f13a9df979601799e727821b9817" resname="ra.vetting.gssf.initiate.tiqr.button.initiate">
-        <jms:reference-file line="42">Resources/views/translations.html.twig</jms:reference-file>
-        <source>ra.vetting.gssf.initiate.tiqr.button.initiate</source>
-        <target>Verifiëren bij Tiqr</target>
-      </trans-unit>
-      <trans-unit id="e6ca047d4a5ae812276be6e8ece30cc7d6102af2" resname="ra.vetting.gssf.initiate.tiqr.error.gssf_id_mismatch">
-        <jms:reference-file line="43">Resources/views/translations.html.twig</jms:reference-file>
-        <source>ra.vetting.gssf.initiate.tiqr.error.gssf_id_mismatch</source>
-        <target>De Tiqr-server heeft een ID teruggegeven dat niet overeenkomt met het gevraagde ID, dat de registrant heeft geregistreerd in de Self-Service-applicatie.</target>
-      </trans-unit>
-      <trans-unit id="a5ec286b6d7f1ba6056eb720211d748ca9e8844c" resname="ra.vetting.gssf.initiate.tiqr.text.explanation">
-        <jms:reference-file line="41">Resources/views/translations.html.twig</jms:reference-file>
-        <source>ra.vetting.gssf.initiate.tiqr.text.explanation</source>
-        <target>Klik de knop hieronder om te verifiëren dat de registrant het Tiqr-account bezit dat hij of zij gebruikt heeft in de Self-Service-applicatie.</target>
-      </trans-unit>
-      <trans-unit id="cb3ffa7493a6cbda2c134ee5c2b80f193f822737" resname="ra.vetting.gssf.initiate.tiqr.title.page">
-        <jms:reference-file line="40">Resources/views/translations.html.twig</jms:reference-file>
-        <source>ra.vetting.gssf.initiate.tiqr.title.page</source>
-        <target>Tiqr verifiëren</target>
-      </trans-unit>
       <trans-unit id="3f708a1089bb9a75621006456174cd658d18b541" resname="ra.vetting.progress_bar.enter_registration_code">
         <jms:reference-file line="2">Vetting/partial/progressBar.html.twig</jms:reference-file>
         <source>ra.vetting.progress_bar.enter_registration_code</source>
@@ -1250,7 +1210,7 @@
         <target>Tokentype uitgeschakeld</target>
       </trans-unit>
       <trans-unit id="8e4a356a46fe95b04ae1cbb201b8d62e15670b2e" resname="ra.vetting.sms.challenge_body">
-        <jms:reference-file line="216">RaBundle/Service/VettingService.php</jms:reference-file>
+        <jms:reference-file line="224">RaBundle/Service/VettingService.php</jms:reference-file>
         <source>ra.vetting.sms.challenge_body</source>
         <target>Uw SMS-code: %challenge%</target>
       </trans-unit>
@@ -1300,12 +1260,12 @@
         <target>Home</target>
       </trans-unit>
       <trans-unit id="385d56fffaf0e844dcd7b164b18741f050ba28e7" resname="ra.vetting.u2f.alert.device_reported_an_error">
-        <jms:reference-file line="77">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="67">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.vetting.u2f.alert.device_reported_an_error</source>
         <target>Het U2F-apparaat heeft een foutmelding gerapporteerd. Probeer het opnieuw of neem contact op met de IT-helpdesk.</target>
       </trans-unit>
       <trans-unit id="467eb86ef7b096d0e14386714ef1b120c3f6b834" resname="ra.vetting.u2f.alert.error">
-        <jms:reference-file line="78">Resources/views/translations.html.twig</jms:reference-file>
+        <jms:reference-file line="68">Resources/views/translations.html.twig</jms:reference-file>
         <source>ra.vetting.u2f.alert.error</source>
         <target>De authenticate met het U2F-apparaat is mislukt. Probeer het opnieuw of neem contact op met de IT-helpdesk.</target>
       </trans-unit>
diff --git a/app/Resources/translations/validators.en_GB.xliff b/app/Resources/translations/validators.en_GB.xliff
index c34632c9..283c1a23 100644
--- a/app/Resources/translations/validators.en_GB.xliff
+++ b/app/Resources/translations/validators.en_GB.xliff
@@ -1,11 +1,15 @@
 <?xml version="1.0" encoding="utf-8"?>
 <xliff xmlns="urn:oasis:names:tc:xliff:document:1.2" xmlns:jms="urn:jms:translation" version="1.2">
-  <file date="2016-11-03T10:43:41Z" source-language="en" target-language="en_GB" datatype="plaintext" original="not.available">
+  <file date="2017-06-15T15:47:57Z" source-language="en" target-language="en_GB" datatype="plaintext" original="not.available">
     <header>
       <tool tool-id="JMSTranslationBundle" tool-name="JMSTranslationBundle" tool-version="1.1.0-DEV"/>
       <note>The source node in most cases contains the sample message as written by the developer. If it looks like a dot-delimitted string such as "form.label.firstname", then the developer has not provided a default message.</note>
     </header>
     <body>
+      <trans-unit id="9fe9614ee06100ffa9474b193d1aec7a4c1d1334" resname="middleware_client.dto.configuration.allowed_second_factors.must_be_array">
+        <source>middleware_client.dto.configuration.allowed_second_factors.must_be_array</source>
+        <target state="new">middleware_client.dto.configuration.allowed_second_factors.must_be_array</target>
+      </trans-unit>
       <trans-unit id="e921db3beb8170142aa4dcd8c364595343b6fc64" resname="middleware_client.dto.configuration.show_raa_contact_information.must_be_boolean">
         <source>middleware_client.dto.configuration.show_raa_contact_information.must_be_boolean</source>
         <target>Show RAA Contact Information option must be boolean.</target>
diff --git a/app/Resources/translations/validators.nl_NL.xliff b/app/Resources/translations/validators.nl_NL.xliff
index c079e317..3ed6db7d 100644
--- a/app/Resources/translations/validators.nl_NL.xliff
+++ b/app/Resources/translations/validators.nl_NL.xliff
@@ -1,11 +1,15 @@
 <?xml version="1.0" encoding="utf-8"?>
 <xliff xmlns="urn:oasis:names:tc:xliff:document:1.2" xmlns:jms="urn:jms:translation" version="1.2">
-  <file date="2016-11-03T10:45:46Z" source-language="en" target-language="nl_NL" datatype="plaintext" original="not.available">
+  <file date="2017-06-15T15:47:50Z" source-language="en" target-language="nl_NL" datatype="plaintext" original="not.available">
     <header>
       <tool tool-id="JMSTranslationBundle" tool-name="JMSTranslationBundle" tool-version="1.1.0-DEV"/>
       <note>The source node in most cases contains the sample message as written by the developer. If it looks like a dot-delimitted string such as "form.label.firstname", then the developer has not provided a default message.</note>
     </header>
     <body>
+      <trans-unit id="9fe9614ee06100ffa9474b193d1aec7a4c1d1334" resname="middleware_client.dto.configuration.allowed_second_factors.must_be_array">
+        <source>middleware_client.dto.configuration.allowed_second_factors.must_be_array</source>
+        <target state="new">middleware_client.dto.configuration.allowed_second_factors.must_be_array</target>
+      </trans-unit>
       <trans-unit id="e921db3beb8170142aa4dcd8c364595343b6fc64" resname="middleware_client.dto.configuration.show_raa_contact_information.must_be_boolean">
         <source>middleware_client.dto.configuration.show_raa_contact_information.must_be_boolean</source>
         <target>Show RAA Contact Information option must be boolean.</target>
diff --git a/app/config/config.yml b/app/config/config.yml
index fac1de6c..722c5b87 100644
--- a/app/config/config.yml
+++ b/app/config/config.yml
@@ -56,14 +56,6 @@ assetic:
         #yui_css:
         #    jar: "%kernel.root_dir%/Resources/java/yuicompressor-2.4.7.jar"
 
-# Swiftmailer Configuration
-swiftmailer:
-    transport: "%mailer_transport%"
-    host:      "%mailer_host%"
-    username:  "%mailer_user%"
-    password:  "%mailer_password%"
-    spool:     { type: memory }
-
 nelmio_security:
     clickjacking:
         paths:
@@ -84,6 +76,7 @@ services:
 surfnet_stepup_ra_ra:
     required_loa: %loa_required_for_login%
     enabled_second_factors: %enabled_second_factors%
+    enabled_generic_second_factors: %enabled_generic_second_factors%
     session_lifetimes:
         max_absolute_lifetime: "%session_max_absolute_lifetime%"
         max_relative_lifetime: "%session_max_relative_lifetime%"
diff --git a/app/config/config_dev.yml b/app/config/config_dev.yml
index cfe93935..9d9254b0 100644
--- a/app/config/config_dev.yml
+++ b/app/config/config_dev.yml
@@ -54,9 +54,6 @@ monolog:
 assetic:
     use_controller: "%use_assetic_controller%"
 
-swiftmailer:
-    port: 1025
-
 nelmio_security:
     csp:
         img: [ self, 'data:' ]
diff --git a/app/config/config_test.yml b/app/config/config_test.yml
index 66c4a8c8..122b6997 100644
--- a/app/config/config_test.yml
+++ b/app/config/config_test.yml
@@ -12,9 +12,6 @@ web_profiler:
     toolbar: false
     intercept_redirects: false
 
-swiftmailer:
-    disable_delivery: true
-
 nelmio_security:
     csp:
         img: [ self, 'data:' ]
diff --git a/app/config/parameters.yml.dist b/app/config/parameters.yml.dist
index c5e8ab42..d78d7e67 100644
--- a/app/config/parameters.yml.dist
+++ b/app/config/parameters.yml.dist
@@ -39,6 +39,11 @@ parameters:
     enabled_second_factors:
         - sms
         - yubikey
+    enabled_generic_second_factors:
+            biometric:
+                loa: 3
+            tiqr:
+                loa: 3
     graylog_hostname: 'g2-dev.stepup.coin.surf.net'
     asset_version: 1
 
diff --git a/app/config/samlstepupproviders.yml b/app/config/samlstepupproviders.yml
index 9babdc07..615857dc 100644
--- a/app/config/samlstepupproviders.yml
+++ b/app/config/samlstepupproviders.yml
@@ -18,6 +18,11 @@ surfnet_stepup_ra_saml_stepup_provider:
                 entity_id: %gssp_tiqr_remote_entity_id%
                 sso_url: %gssp_tiqr_remote_sso_url%
                 certificate: %gssp_tiqr_remote_certificate%
+            view_config:
+                page_title: %gssp_tiqr_page_title%
+                explanation: %gssp_tiqr_explanation%
+                initiate: %gssp_tiqr_initiate%
+                gssf_id_mismatch: %gssp_tiqr_gssf_id_mismatch%
         biometric:
             hosted:
                 service_provider:
@@ -30,3 +35,8 @@ surfnet_stepup_ra_saml_stepup_provider:
                 entity_id: %gssp_biometric_remote_entity_id%
                 sso_url: %gssp_biometric_remote_sso_url%
                 certificate: %gssp_biometric_remote_certificate%
+            view_config:
+                page_title: %gssp_biometric_page_title%
+                explanation: %gssp_biometric_explanation%
+                initiate: %gssp_biometric_initiate%
+                gssf_id_mismatch: %gssp_biometric_gssf_id_mismatch%
\ No newline at end of file
diff --git a/app/config/samlstepupproviders_parameters.yml.dist b/app/config/samlstepupproviders_parameters.yml.dist
index d04af2ff..bcddceb2 100644
--- a/app/config/samlstepupproviders_parameters.yml.dist
+++ b/app/config/samlstepupproviders_parameters.yml.dist
@@ -6,6 +6,18 @@ parameters:
     gssp_tiqr_remote_entity_id: 'https://actual-gssp.entity-id.tld'
     gssp_tiqr_remote_sso_url: 'https://actual-gssp.entity-id.tld/single-sign-on/url'
     gssp_tiqr_remote_certificate: 'The contents of the certificate published by the gssp'
+    gssp_tiqr_page_title:
+        en_GB: 'EN ra.vetting.gssf.initiate.tiqr.title.page'
+        nl_NL: 'NL ra.vetting.gssf.initiate.tiqr.title.page'
+    gssp_tiqr_explanation: 
+        en_GB: 'EN ra.vetting.gssf.initiate.tiqr.text.explanation'
+        nl_NL: 'NL ra.vetting.gssf.initiate.tiqr.text.explanation'
+    gssp_tiqr_initiate:
+        en_GB: 'EN ra.vetting.gssf.initiate.tiqr.button.initiate'
+        nl_NL: 'NL ra.vetting.gssf.initiate.tiqr.button.initiate'
+    gssp_tiqr_gssf_id_mismatch: 
+        en_GB: 'EN ra.vetting.gssf.initiate.tiqr.error.gssf_id_mismatch'
+        nl_NL: 'NL ra.vetting.gssf.initiate.tiqr.error.gssf_id_mismatch'
     gssp_biometric_sp_publickey: '/full/path/to/the/gateway-as-sp/public-key-file.cer'
     gssp_biometric_sp_privatekey: '/full/path/to/the/gateway-as-sp/private-key-file.pem'
     gssp_biometric_metadata_publickey: '/full/path/to/the/gateway-metadata/public-key-file.cer'
@@ -13,3 +25,15 @@ parameters:
     gssp_biometric_remote_entity_id: 'https://actual-gssp.entity-id.tld'
     gssp_biometric_remote_sso_url: 'https://actual-gssp.entity-id.tld/single-sign-on/url'
     gssp_biometric_remote_certificate: 'The contents of the certificate published by the gssp'
+    gssp_biometric_page_title:
+        en_GB: 'EN ra.vetting.gssf.initiate.biometric.title.page'
+        nl_NL: 'NL ra.vetting.gssf.initiate.biometric.title.page'
+    gssp_biometric_explanation:
+        en_GB: 'EN ra.vetting.gssf.initiate.biometric.text.explanation'
+        nl_NL: 'NL ra.vetting.gssf.initiate.biometric.text.explanation'
+    gssp_biometric_initiate:
+        en_GB: 'EN ra.vetting.gssf.initiate.biometric.button.initiate'
+        nl_NL: 'NL ra.vetting.gssf.initiate.biometric.button.initiate'
+    gssp_biometric_gssf_id_mismatch:
+        en_GB: 'EN ra.vetting.gssf.initiate.biometric.error.gssf_id_mismatch'
+        nl_NL: 'NL ra.vetting.gssf.initiate.biometric.error.gssf_id_mismatch'
\ No newline at end of file
diff --git a/composer.json b/composer.json
index 6a5d119e..1d5af0fa 100644
--- a/composer.json
+++ b/composer.json
@@ -25,10 +25,9 @@
         "jms/di-extra-bundle": "~1.4.0",
         "surfnet/stepup-middleware-client-bundle": "^2.0",
         "surfnet/stepup-saml-bundle": "^2.5",
-        "surfnet/stepup-bundle": "^1.7",
+        "surfnet/stepup-bundle": "^2.0",
         "surfnet/stepup-u2f-bundle": "dev-develop",
         "guzzlehttp/guzzle": "^6",
-        "symfony/swiftmailer-bundle": "~2.3",
         "knplabs/knp-paginator-bundle": "~2.4",
         "mopa/composer-bridge": "~1.5",
         "ramsey/uuid": "^3.5"
diff --git a/composer.lock b/composer.lock
index 0875f13f..963c5264 100644
--- a/composer.lock
+++ b/composer.lock
@@ -4,8 +4,7 @@
         "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
         "This file is @generated automatically"
     ],
-    "hash": "531daa2b9405ac57d4baca49cf6f4587",
-    "content-hash": "b3bac046adc08a305dd8397db0ae5025",
+    "content-hash": "a58e344cdaaa088e470fbaae634e9ed7",
     "packages": [
         {
             "name": "beberlei/assert",
@@ -58,7 +57,7 @@
                 "assertion",
                 "validation"
             ],
-            "time": "2016-06-20 12:01:28"
+            "time": "2016-06-20T12:01:28+00:00"
         },
         {
             "name": "doctrine/annotations",
@@ -126,7 +125,7 @@
                 "docblock",
                 "parser"
             ],
-            "time": "2015-08-31 12:32:49"
+            "time": "2015-08-31T12:32:49+00:00"
         },
         {
             "name": "doctrine/cache",
@@ -196,7 +195,7 @@
                 "cache",
                 "caching"
             ],
-            "time": "2015-12-31 16:37:02"
+            "time": "2015-12-31T16:37:02+00:00"
         },
         {
             "name": "doctrine/collections",
@@ -262,7 +261,7 @@
                 "collections",
                 "iterator"
             ],
-            "time": "2015-04-14 22:21:58"
+            "time": "2015-04-14T22:21:58+00:00"
         },
         {
             "name": "doctrine/common",
@@ -335,7 +334,7 @@
                 "persistence",
                 "spl"
             ],
-            "time": "2015-12-25 13:18:31"
+            "time": "2015-12-25T13:18:31+00:00"
         },
         {
             "name": "doctrine/inflector",
@@ -402,7 +401,7 @@
                 "singularize",
                 "string"
             ],
-            "time": "2015-11-06 14:35:42"
+            "time": "2015-11-06T14:35:42+00:00"
         },
         {
             "name": "doctrine/lexer",
@@ -456,7 +455,7 @@
                 "lexer",
                 "parser"
             ],
-            "time": "2014-09-09 13:34:57"
+            "time": "2014-09-09T13:34:57+00:00"
         },
         {
             "name": "fortawesome/font-awesome",
@@ -504,7 +503,7 @@
                 "font",
                 "icon"
             ],
-            "time": "2014-08-26 16:36:44"
+            "time": "2014-08-26T16:36:44+00:00"
         },
         {
             "name": "graylog2/gelf-php",
@@ -557,7 +556,7 @@
                 }
             ],
             "description": "A php implementation to send log-messages to a GELF compatible backend like Graylog2.",
-            "time": "2016-06-02 06:04:56"
+            "time": "2016-06-02T06:04:56+00:00"
         },
         {
             "name": "guzzlehttp/guzzle",
@@ -619,7 +618,7 @@
                 "rest",
                 "web service"
             ],
-            "time": "2017-02-28 22:50:30"
+            "time": "2017-02-28T22:50:30+00:00"
         },
         {
             "name": "guzzlehttp/promises",
@@ -670,7 +669,7 @@
             "keywords": [
                 "promise"
             ],
-            "time": "2016-12-20 10:07:11"
+            "time": "2016-12-20T10:07:11+00:00"
         },
         {
             "name": "guzzlehttp/psr7",
@@ -735,7 +734,7 @@
                 "uri",
                 "url"
             ],
-            "time": "2017-02-27 10:51:17"
+            "time": "2017-02-27T10:51:17+00:00"
         },
         {
             "name": "incenteev/composer-parameter-handler",
@@ -786,7 +785,7 @@
             "keywords": [
                 "parameters management"
             ],
-            "time": "2015-11-10 17:04:01"
+            "time": "2015-11-10T17:04:01+00:00"
         },
         {
             "name": "jms/aop-bundle",
@@ -833,7 +832,7 @@
                 "annotations",
                 "aop"
             ],
-            "time": "2015-09-13 09:02:33"
+            "time": "2015-09-13T09:02:33+00:00"
         },
         {
             "name": "jms/cg",
@@ -877,7 +876,7 @@
             "keywords": [
                 "code generation"
             ],
-            "time": "2015-09-13 08:54:43"
+            "time": "2015-09-13T08:54:43+00:00"
         },
         {
             "name": "jms/di-extra-bundle",
@@ -944,7 +943,7 @@
                 "annotations",
                 "dependency injection"
             ],
-            "time": "2013-06-08 13:13:40"
+            "time": "2013-06-08T13:13:40+00:00"
         },
         {
             "name": "jms/metadata",
@@ -996,7 +995,7 @@
                 "xml",
                 "yaml"
             ],
-            "time": "2014-07-12 07:13:19"
+            "time": "2014-07-12T07:13:19+00:00"
         },
         {
             "name": "jms/translation-bundle",
@@ -1070,7 +1069,7 @@
                 "ui",
                 "webinterface"
             ],
-            "time": "2013-06-08 14:08:19"
+            "time": "2013-06-08T14:08:19+00:00"
         },
         {
             "name": "knplabs/knp-components",
@@ -1141,7 +1140,7 @@
                 "pager",
                 "paginator"
             ],
-            "time": "2016-04-21 06:26:20"
+            "time": "2016-04-21T06:26:20+00:00"
         },
         {
             "name": "knplabs/knp-paginator-bundle",
@@ -1202,7 +1201,7 @@
                 "pagination",
                 "paginator"
             ],
-            "time": "2016-04-20 11:40:30"
+            "time": "2016-04-20T11:40:30+00:00"
         },
         {
             "name": "kriswallsmith/assetic",
@@ -1279,7 +1278,7 @@
                 "compression",
                 "minification"
             ],
-            "time": "2015-11-12 13:51:40"
+            "time": "2015-11-12T13:51:40+00:00"
         },
         {
             "name": "monolog/monolog",
@@ -1357,7 +1356,7 @@
                 "logging",
                 "psr-3"
             ],
-            "time": "2016-04-12 18:29:35"
+            "time": "2016-04-12T18:29:35+00:00"
         },
         {
             "name": "moontoast/math",
@@ -1393,7 +1392,7 @@
                 "bcmath",
                 "math"
             ],
-            "time": "2013-01-19 17:42:34"
+            "time": "2013-01-19T17:42:34+00:00"
         },
         {
             "name": "mopa/bootstrap-bundle",
@@ -1465,7 +1464,7 @@
                 "form",
                 "template"
             ],
-            "time": "2015-09-10 17:23:40"
+            "time": "2015-09-10T17:23:40+00:00"
         },
         {
             "name": "mopa/composer-bridge",
@@ -1516,7 +1515,7 @@
                 "Symfony2",
                 "composer"
             ],
-            "time": "2015-10-01 19:20:19"
+            "time": "2015-10-01T19:20:19+00:00"
         },
         {
             "name": "nelmio/security-bundle",
@@ -1568,7 +1567,7 @@
             "keywords": [
                 "security"
             ],
-            "time": "2016-02-23 10:42:13"
+            "time": "2016-02-23T10:42:13+00:00"
         },
         {
             "name": "nikic/php-parser",
@@ -1607,7 +1606,7 @@
                 "parser",
                 "php"
             ],
-            "time": "2012-04-23 22:52:11"
+            "time": "2012-04-23T22:52:11+00:00"
         },
         {
             "name": "paragonie/random_compat",
@@ -1655,7 +1654,7 @@
                 "pseudorandom",
                 "random"
             ],
-            "time": "2016-03-18 20:34:03"
+            "time": "2016-03-18T20:34:03+00:00"
         },
         {
             "name": "psr/http-message",
@@ -1705,7 +1704,7 @@
                 "request",
                 "response"
             ],
-            "time": "2016-08-06 14:39:51"
+            "time": "2016-08-06T14:39:51+00:00"
         },
         {
             "name": "psr/log",
@@ -1752,7 +1751,7 @@
                 "psr",
                 "psr-3"
             ],
-            "time": "2016-10-10 12:19:37"
+            "time": "2016-10-10T12:19:37+00:00"
         },
         {
             "name": "ramsey/uuid",
@@ -1832,7 +1831,7 @@
                 "identifier",
                 "uuid"
             ],
-            "time": "2016-08-02 18:39:32"
+            "time": "2016-08-02T18:39:32+00:00"
         },
         {
             "name": "robrichards/xmlseclibs",
@@ -1873,7 +1872,7 @@
                 "xml",
                 "xmldsig"
             ],
-            "time": "2016-09-08 13:31:44"
+            "time": "2016-09-08T13:31:44+00:00"
         },
         {
             "name": "sensio/distribution-bundle",
@@ -1933,7 +1932,7 @@
                 "configuration",
                 "distribution"
             ],
-            "time": "2015-06-05 22:32:22"
+            "time": "2015-06-05T22:32:22+00:00"
         },
         {
             "name": "sensio/framework-extra-bundle",
@@ -1995,7 +1994,7 @@
                 "annotations",
                 "controllers"
             ],
-            "time": "2016-03-25 17:08:27"
+            "time": "2016-03-25T17:08:27+00:00"
         },
         {
             "name": "sensiolabs/security-checker",
@@ -2040,7 +2039,7 @@
                 }
             ],
             "description": "A security checker for your composer.lock",
-            "time": "2015-05-28 14:22:40"
+            "time": "2015-05-28T14:22:40+00:00"
         },
         {
             "name": "simplesamlphp/saml2",
@@ -2089,20 +2088,20 @@
                 }
             ],
             "description": "SAML2 PHP library from SimpleSAMLphp",
-            "time": "2016-12-02 12:15:53"
+            "time": "2016-12-02T12:15:53+00:00"
         },
         {
             "name": "surfnet/stepup-bundle",
-            "version": "1.7.0",
+            "version": "2.0.1",
             "source": {
                 "type": "git",
                 "url": "https://github.com/OpenConext/Stepup-bundle.git",
-                "reference": "084b1e11781ca3f526e32a486f75a7e6a953e5fc"
+                "reference": "0766c91a6b391739d9fe4693f684ef1332342df4"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/OpenConext/Stepup-bundle/zipball/084b1e11781ca3f526e32a486f75a7e6a953e5fc",
-                "reference": "084b1e11781ca3f526e32a486f75a7e6a953e5fc",
+                "url": "https://api.github.com/repos/OpenConext/Stepup-bundle/zipball/0766c91a6b391739d9fe4693f684ef1332342df4",
+                "reference": "0766c91a6b391739d9fe4693f684ef1332342df4",
                 "shasum": ""
             },
             "require": {
@@ -2146,7 +2145,7 @@
                 "suaas",
                 "surfnet"
             ],
-            "time": "2017-03-07 13:44:04"
+            "time": "2017-06-14T13:03:51+00:00"
         },
         {
             "name": "surfnet/stepup-middleware-client-bundle",
@@ -2199,7 +2198,7 @@
                 "Apache-2.0"
             ],
             "description": "Symfony2 bundle for consuming the Step-up Middleware API.",
-            "time": "2017-03-07 14:10:57"
+            "time": "2017-03-07T14:10:57+00:00"
         },
         {
             "name": "surfnet/stepup-saml-bundle",
@@ -2247,7 +2246,7 @@
                 "stepup",
                 "surfnet"
             ],
-            "time": "2016-07-01 09:33:44"
+            "time": "2016-07-01T09:33:44+00:00"
         },
         {
             "name": "surfnet/stepup-u2f-bundle",
@@ -2291,59 +2290,6 @@
             "description": "The SURFnet Step-up U2F bundle contains server-side device verification, and the necessary forms and resources to enable client-side U2F interaction with Step-up Identities",
             "time": "2015-09-17 15:02:04"
         },
-        {
-            "name": "swiftmailer/swiftmailer",
-            "version": "v5.4.2",
-            "source": {
-                "type": "git",
-                "url": "https://github.com/swiftmailer/swiftmailer.git",
-                "reference": "d8db871a54619458a805229a057ea2af33c753e8"
-            },
-            "dist": {
-                "type": "zip",
-                "url": "https://api.github.com/repos/swiftmailer/swiftmailer/zipball/d8db871a54619458a805229a057ea2af33c753e8",
-                "reference": "d8db871a54619458a805229a057ea2af33c753e8",
-                "shasum": ""
-            },
-            "require": {
-                "php": ">=5.3.3"
-            },
-            "require-dev": {
-                "mockery/mockery": "~0.9.1,<0.9.4"
-            },
-            "type": "library",
-            "extra": {
-                "branch-alias": {
-                    "dev-master": "5.4-dev"
-                }
-            },
-            "autoload": {
-                "files": [
-                    "lib/swift_required.php"
-                ]
-            },
-            "notification-url": "https://packagist.org/downloads/",
-            "license": [
-                "MIT"
-            ],
-            "authors": [
-                {
-                    "name": "Chris Corbyn"
-                },
-                {
-                    "name": "Fabien Potencier",
-                    "email": "fabien@symfony.com"
-                }
-            ],
-            "description": "Swiftmailer, free feature-rich PHP mailer",
-            "homepage": "http://swiftmailer.org",
-            "keywords": [
-                "email",
-                "mail",
-                "mailer"
-            ],
-            "time": "2016-05-01 08:45:47"
-        },
         {
             "name": "symfony/assetic-bundle",
             "version": "v2.8.0",
@@ -2412,7 +2358,7 @@
                 "compression",
                 "minification"
             ],
-            "time": "2015-12-28 13:12:39"
+            "time": "2015-12-28T13:12:39+00:00"
         },
         {
             "name": "symfony/monolog-bundle",
@@ -2472,7 +2418,7 @@
                 "log",
                 "logging"
             ],
-            "time": "2016-04-13 16:21:01"
+            "time": "2016-04-13T16:21:01+00:00"
         },
         {
             "name": "symfony/polyfill-apcu",
@@ -2525,7 +2471,7 @@
                 "portable",
                 "shim"
             ],
-            "time": "2016-05-18 14:26:46"
+            "time": "2016-05-18T14:26:46+00:00"
         },
         {
             "name": "symfony/polyfill-mbstring",
@@ -2584,64 +2530,7 @@
                 "portable",
                 "shim"
             ],
-            "time": "2016-05-18 14:26:46"
-        },
-        {
-            "name": "symfony/swiftmailer-bundle",
-            "version": "v2.3.11",
-            "source": {
-                "type": "git",
-                "url": "https://github.com/symfony/swiftmailer-bundle.git",
-                "reference": "5e1a90f28213231ceee19c953bbebc5b5b95c690"
-            },
-            "dist": {
-                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/swiftmailer-bundle/zipball/5e1a90f28213231ceee19c953bbebc5b5b95c690",
-                "reference": "5e1a90f28213231ceee19c953bbebc5b5b95c690",
-                "shasum": ""
-            },
-            "require": {
-                "php": ">=5.3.2",
-                "swiftmailer/swiftmailer": ">=4.2.0,~5.0",
-                "symfony/config": "~2.3|~3.0",
-                "symfony/dependency-injection": "~2.3|~3.0",
-                "symfony/http-kernel": "~2.3|~3.0",
-                "symfony/yaml": "~2.3|~3.0"
-            },
-            "require-dev": {
-                "symfony/phpunit-bridge": "~2.7|~3.0"
-            },
-            "suggest": {
-                "psr/log": "Allows logging"
-            },
-            "type": "symfony-bundle",
-            "extra": {
-                "branch-alias": {
-                    "dev-master": "2.3-dev"
-                }
-            },
-            "autoload": {
-                "psr-4": {
-                    "Symfony\\Bundle\\SwiftmailerBundle\\": ""
-                }
-            },
-            "notification-url": "https://packagist.org/downloads/",
-            "license": [
-                "MIT"
-            ],
-            "authors": [
-                {
-                    "name": "Symfony Community",
-                    "homepage": "http://symfony.com/contributors"
-                },
-                {
-                    "name": "Fabien Potencier",
-                    "email": "fabien@symfony.com"
-                }
-            ],
-            "description": "Symfony SwiftmailerBundle",
-            "homepage": "http://symfony.com",
-            "time": "2016-01-15 16:41:20"
+            "time": "2016-05-18T14:26:46+00:00"
         },
         {
             "name": "symfony/symfony",
@@ -2768,7 +2657,7 @@
             "keywords": [
                 "framework"
             ],
-            "time": "2016-06-06 15:23:39"
+            "time": "2016-06-06T15:23:39+00:00"
         },
         {
             "name": "twbs/bootstrap",
@@ -2819,7 +2708,7 @@
                 "responsive",
                 "web"
             ],
-            "time": "2014-06-26 16:36:48"
+            "time": "2014-06-26T16:36:48+00:00"
         },
         {
             "name": "twig/extensions",
@@ -2871,7 +2760,7 @@
                 "i18n",
                 "text"
             ],
-            "time": "2015-08-22 16:38:35"
+            "time": "2015-08-22T16:38:35+00:00"
         },
         {
             "name": "twig/twig",
@@ -2933,7 +2822,7 @@
             "keywords": [
                 "templating"
             ],
-            "time": "2017-02-27 00:07:03"
+            "time": "2017-02-27T00:07:03+00:00"
         },
         {
             "name": "yubico/u2flib-server",
@@ -2964,7 +2853,7 @@
             ],
             "description": "Library for U2F implementation",
             "homepage": "https://developers.yubico.com/php-u2flib-server",
-            "time": "2015-03-03 08:05:16"
+            "time": "2015-03-03T08:05:16+00:00"
         }
     ],
     "packages-dev": [
@@ -3020,7 +2909,7 @@
                 "constructor",
                 "instantiate"
             ],
-            "time": "2015-06-14 21:17:01"
+            "time": "2015-06-14T21:17:01+00:00"
         },
         {
             "name": "guzzlehttp/streams",
@@ -3073,7 +2962,7 @@
                 "Guzzle",
                 "stream"
             ],
-            "time": "2014-08-17 21:15:53"
+            "time": "2014-08-17T21:15:53+00:00"
         },
         {
             "name": "hamcrest/hamcrest-php",
@@ -3118,7 +3007,7 @@
             "keywords": [
                 "test"
             ],
-            "time": "2015-05-11 14:41:42"
+            "time": "2015-05-11T14:41:42+00:00"
         },
         {
             "name": "liip/rmt",
@@ -3177,7 +3066,7 @@
                 "vcs tag",
                 "version"
             ],
-            "time": "2015-05-06 20:11:13"
+            "time": "2015-05-06T20:11:13+00:00"
         },
         {
             "name": "matthiasnoback/symfony-config-test",
@@ -3225,19 +3114,19 @@
                 "phpunit",
                 "symfony"
             ],
-            "time": "2015-11-25 21:40:32"
+            "time": "2015-11-25T21:40:32+00:00"
         },
         {
             "name": "mockery/mockery",
             "version": "0.9.5",
             "source": {
                 "type": "git",
-                "url": "https://github.com/padraic/mockery.git",
+                "url": "https://github.com/mockery/mockery.git",
                 "reference": "4db079511a283e5aba1b3c2fb19037c645e70fc2"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/padraic/mockery/zipball/4db079511a283e5aba1b3c2fb19037c645e70fc2",
+                "url": "https://api.github.com/repos/mockery/mockery/zipball/4db079511a283e5aba1b3c2fb19037c645e70fc2",
                 "reference": "4db079511a283e5aba1b3c2fb19037c645e70fc2",
                 "shasum": ""
             },
@@ -3290,7 +3179,7 @@
                 "test double",
                 "testing"
             ],
-            "time": "2016-05-22 21:52:33"
+            "time": "2016-05-22T21:52:33+00:00"
         },
         {
             "name": "pdepend/pdepend",
@@ -3330,7 +3219,7 @@
                 "BSD-3-Clause"
             ],
             "description": "Official version of pdepend to be handled with Composer",
-            "time": "2017-01-19 14:23:36"
+            "time": "2017-01-19T14:23:36+00:00"
         },
         {
             "name": "phpdocumentor/reflection-common",
@@ -3384,7 +3273,7 @@
                 "reflection",
                 "static analysis"
             ],
-            "time": "2015-12-27 11:43:31"
+            "time": "2015-12-27T11:43:31+00:00"
         },
         {
             "name": "phpdocumentor/reflection-docblock",
@@ -3429,7 +3318,7 @@
                 }
             ],
             "description": "With this component, a library can provide support for annotations via DocBlocks or otherwise retrieve information that is embedded in a DocBlock.",
-            "time": "2016-09-30 07:12:33"
+            "time": "2016-09-30T07:12:33+00:00"
         },
         {
             "name": "phpdocumentor/type-resolver",
@@ -3476,7 +3365,7 @@
                     "email": "me@mikevanriel.com"
                 }
             ],
-            "time": "2016-11-25 06:54:22"
+            "time": "2016-11-25T06:54:22+00:00"
         },
         {
             "name": "phpmd/phpmd",
@@ -3542,7 +3431,7 @@
                 "phpmd",
                 "pmd"
             ],
-            "time": "2017-01-20 14:41:10"
+            "time": "2017-01-20T14:41:10+00:00"
         },
         {
             "name": "phpspec/prophecy",
@@ -3605,7 +3494,7 @@
                 "spy",
                 "stub"
             ],
-            "time": "2017-03-02 20:05:34"
+            "time": "2017-03-02T20:05:34+00:00"
         },
         {
             "name": "phpunit/php-code-coverage",
@@ -3667,7 +3556,7 @@
                 "testing",
                 "xunit"
             ],
-            "time": "2015-10-06 15:47:00"
+            "time": "2015-10-06T15:47:00+00:00"
         },
         {
             "name": "phpunit/php-file-iterator",
@@ -3714,7 +3603,7 @@
                 "filesystem",
                 "iterator"
             ],
-            "time": "2016-10-03 07:40:28"
+            "time": "2016-10-03T07:40:28+00:00"
         },
         {
             "name": "phpunit/php-text-template",
@@ -3755,7 +3644,7 @@
             "keywords": [
                 "template"
             ],
-            "time": "2015-06-21 13:50:34"
+            "time": "2015-06-21T13:50:34+00:00"
         },
         {
             "name": "phpunit/php-timer",
@@ -3804,7 +3693,7 @@
             "keywords": [
                 "timer"
             ],
-            "time": "2017-02-26 11:10:40"
+            "time": "2017-02-26T11:10:40+00:00"
         },
         {
             "name": "phpunit/php-token-stream",
@@ -3853,7 +3742,7 @@
             "keywords": [
                 "tokenizer"
             ],
-            "time": "2017-02-27 10:12:30"
+            "time": "2017-02-27T10:12:30+00:00"
         },
         {
             "name": "phpunit/phpunit",
@@ -3925,7 +3814,7 @@
                 "testing",
                 "xunit"
             ],
-            "time": "2017-02-06 05:18:07"
+            "time": "2017-02-06T05:18:07+00:00"
         },
         {
             "name": "phpunit/phpunit-mock-objects",
@@ -3981,7 +3870,7 @@
                 "mock",
                 "xunit"
             ],
-            "time": "2015-10-02 06:51:40"
+            "time": "2015-10-02T06:51:40+00:00"
         },
         {
             "name": "sebastian/comparator",
@@ -4045,7 +3934,7 @@
                 "compare",
                 "equality"
             ],
-            "time": "2017-01-29 09:50:25"
+            "time": "2017-01-29T09:50:25+00:00"
         },
         {
             "name": "sebastian/diff",
@@ -4097,7 +3986,7 @@
             "keywords": [
                 "diff"
             ],
-            "time": "2015-12-08 07:14:41"
+            "time": "2015-12-08T07:14:41+00:00"
         },
         {
             "name": "sebastian/environment",
@@ -4147,7 +4036,7 @@
                 "environment",
                 "hhvm"
             ],
-            "time": "2016-08-18 05:49:44"
+            "time": "2016-08-18T05:49:44+00:00"
         },
         {
             "name": "sebastian/exporter",
@@ -4214,7 +4103,7 @@
                 "export",
                 "exporter"
             ],
-            "time": "2016-06-17 09:04:28"
+            "time": "2016-06-17T09:04:28+00:00"
         },
         {
             "name": "sebastian/finder-facade",
@@ -4253,7 +4142,7 @@
             ],
             "description": "FinderFacade is a convenience wrapper for Symfony's Finder component.",
             "homepage": "https://github.com/sebastianbergmann/finder-facade",
-            "time": "2016-02-17 07:02:23"
+            "time": "2016-02-17T07:02:23+00:00"
         },
         {
             "name": "sebastian/global-state",
@@ -4304,7 +4193,7 @@
             "keywords": [
                 "global state"
             ],
-            "time": "2015-10-12 03:26:01"
+            "time": "2015-10-12T03:26:01+00:00"
         },
         {
             "name": "sebastian/phpcpd",
@@ -4355,7 +4244,7 @@
             ],
             "description": "Copy/Paste Detector (CPD) for PHP code.",
             "homepage": "https://github.com/sebastianbergmann/phpcpd",
-            "time": "2016-04-17 19:32:49"
+            "time": "2016-04-17T19:32:49+00:00"
         },
         {
             "name": "sebastian/recursion-context",
@@ -4408,7 +4297,7 @@
             ],
             "description": "Provides functionality to recursively process PHP variables",
             "homepage": "http://www.github.com/sebastianbergmann/recursion-context",
-            "time": "2015-11-11 19:50:13"
+            "time": "2015-11-11T19:50:13+00:00"
         },
         {
             "name": "sebastian/version",
@@ -4443,7 +4332,7 @@
             ],
             "description": "Library that helps with managing the version number of Git-hosted PHP projects",
             "homepage": "https://github.com/sebastianbergmann/version",
-            "time": "2015-06-21 13:59:46"
+            "time": "2015-06-21T13:59:46+00:00"
         },
         {
             "name": "sensio/generator-bundle",
@@ -4491,7 +4380,7 @@
                 }
             ],
             "description": "This bundle generates code for you",
-            "time": "2015-03-17 06:36:52"
+            "time": "2015-03-17T06:36:52+00:00"
         },
         {
             "name": "squizlabs/php_codesniffer",
@@ -4566,7 +4455,7 @@
                 "phpcs",
                 "standards"
             ],
-            "time": "2014-12-04 22:32:15"
+            "time": "2014-12-04T22:32:15+00:00"
         },
         {
             "name": "theseer/fdomdocument",
@@ -4606,7 +4495,7 @@
             ],
             "description": "The classes contained within this repository extend the standard DOM to use exceptions at all occasions of errors instead of PHP warnings or notices. They also add various custom methods and shortcuts for convenience and to simplify the usage of DOM.",
             "homepage": "https://github.com/theseer/fDOMDocument",
-            "time": "2015-05-27 22:58:02"
+            "time": "2015-05-27T22:58:02+00:00"
         },
         {
             "name": "vierbergenlars/php-semver",
@@ -4658,7 +4547,7 @@
                 "semver",
                 "versioning"
             ],
-            "time": "2015-05-02 19:28:54"
+            "time": "2015-05-02T19:28:54+00:00"
         },
         {
             "name": "webmozart/assert",
@@ -4708,7 +4597,7 @@
                 "check",
                 "validate"
             ],
-            "time": "2016-11-23 20:04:58"
+            "time": "2016-11-23T20:04:58+00:00"
         }
     ],
     "aliases": [],
diff --git a/src/Surfnet/StepupRa/RaBundle/Controller/Vetting/GssfController.php b/src/Surfnet/StepupRa/RaBundle/Controller/Vetting/GssfController.php
index 37b344e5..c3203f69 100644
--- a/src/Surfnet/StepupRa/RaBundle/Controller/Vetting/GssfController.php
+++ b/src/Surfnet/StepupRa/RaBundle/Controller/Vetting/GssfController.php
@@ -25,6 +25,7 @@
 use Surfnet\SamlBundle\SAML2\Response\Assertion\InResponseTo;
 use Surfnet\StepupRa\RaBundle\Exception\RuntimeException;
 use Surfnet\StepupRa\RaBundle\Service\VettingService;
+use Surfnet\StepupRa\SamlStepupProviderBundle\Provider\ViewConfig;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
@@ -253,11 +254,28 @@ private function getVettingService()
      */
     private function renderInitiateForm($procedureId, $provider, array $parameters = [])
     {
-        $form = $this->createForm('ra_initiate_gssf', null, ['procedureId' => $procedureId, 'provider' => $provider]);
+        /** @var ViewConfig $secondFactorConfig */
+        $secondFactorConfig = $this->get("gssp.view_config.{$provider}");
+
+        $form = $this->createForm(
+            'ra_initiate_gssf',
+            null,
+            [
+                'procedureId' => $procedureId,
+                'provider' => $provider,
+                /** @Ignore from translation message extraction */
+                'label' => $secondFactorConfig->getInitiate()
+            ]
+        );
 
         $templateParameters = array_merge(
             $parameters,
-            ['form' => $form->createView(), 'procedureId' => $procedureId, 'provider' => $provider]
+            [
+                'form' => $form->createView(),
+                'procedureId' => $procedureId,
+                'provider' => $provider,
+                'secondFactorConfig' => $secondFactorConfig
+            ]
         );
 
         return $this->render('SurfnetStepupRaRaBundle:Vetting/Gssf:initiate.html.twig', $templateParameters);
diff --git a/src/Surfnet/StepupRa/RaBundle/DependencyInjection/Configuration.php b/src/Surfnet/StepupRa/RaBundle/DependencyInjection/Configuration.php
index c628e896..e4fdf999 100644
--- a/src/Surfnet/StepupRa/RaBundle/DependencyInjection/Configuration.php
+++ b/src/Surfnet/StepupRa/RaBundle/DependencyInjection/Configuration.php
@@ -18,9 +18,6 @@
 
 namespace Surfnet\StepupRa\RaBundle\DependencyInjection;
 
-use Surfnet\StepupBundle\Exception\DomainException;
-use Surfnet\StepupBundle\Exception\InvalidArgumentException;
-use Surfnet\StepupBundle\Value\SecondFactorType;
 use Symfony\Component\Config\Definition\Builder\NodeBuilder;
 use Symfony\Component\Config\Definition\Builder\TreeBuilder;
 use Symfony\Component\Config\Definition\ConfigurationInterface;
@@ -68,25 +65,17 @@ private function appendSecondFactorTypesConfiguration(NodeBuilder $childNodes)
             ->arrayNode('enabled_second_factors')
                 ->isRequired()
                 ->prototype('scalar')
-                    ->validate()
-                        ->ifTrue(
-                            function ($type) {
-                                try {
-                                    new SecondFactorType($type);
-                                } catch (InvalidArgumentException $e) {
-                                    return true;
-                                } catch (DomainException $e) {
-                                    return true;
-                                }
-                            }
-                        )
-                        ->thenInvalid(
-                            'Enabled second factor type "%s" is not one of the valid types. See SecondFactorType'
-                        )
-                    ->end()
+            ->end();
+        $childNodes
+            ->arrayNode('enabled_generic_second_factors')
+                ->isRequired()
+                ->prototype('array')
+                ->children()
+                    ->scalarNode('loa')
+                    ->isRequired()
+                    ->info('The lao level of the Gssf')
                 ->end()
-            ->end()
-        ->end();
+            ->end();
     }
 
     /**
diff --git a/src/Surfnet/StepupRa/RaBundle/DependencyInjection/SurfnetStepupRaRaExtension.php b/src/Surfnet/StepupRa/RaBundle/DependencyInjection/SurfnetStepupRaRaExtension.php
index eea12e6a..5a8c8792 100644
--- a/src/Surfnet/StepupRa/RaBundle/DependencyInjection/SurfnetStepupRaRaExtension.php
+++ b/src/Surfnet/StepupRa/RaBundle/DependencyInjection/SurfnetStepupRaRaExtension.php
@@ -40,7 +40,11 @@ public function load(array $configs, ContainerBuilder $container)
         // inject the required loa as parameter into the service container
         $container->setParameter('surfnet_stepup_ra.security.required_loa', $config['required_loa']);
 
-        $container->setParameter('surfnet_stepup_ra.enabled_second_factors', $config['enabled_second_factors']);
+        $gssfSecondFactors = array_keys($config['enabled_generic_second_factors']);
+        $container->setParameter(
+            'surfnet_stepup_ra.enabled_second_factors',
+            array_merge($config['enabled_second_factors'], $gssfSecondFactors)
+        );
 
         $container->setParameter(
             'ra.security.authentication.session.maximum_absolute_lifetime_in_seconds',
diff --git a/src/Surfnet/StepupRa/RaBundle/Form/Type/InitiateGssfType.php b/src/Surfnet/StepupRa/RaBundle/Form/Type/InitiateGssfType.php
index b4e915e4..41b552f3 100644
--- a/src/Surfnet/StepupRa/RaBundle/Form/Type/InitiateGssfType.php
+++ b/src/Surfnet/StepupRa/RaBundle/Form/Type/InitiateGssfType.php
@@ -45,7 +45,8 @@ public function buildForm(FormBuilderInterface $builder, array $options)
         $builder
             ->add('submit', 'submit', [
                 'attr'  => ['class' => 'btn btn-primary'],
-                'label' => /** @Ignore */ 'ra.vetting.gssf.initiate.' . $options['provider'] . '.button.initiate'
+                /** @Ignore */
+                'label' => $options['label']
             ])
             ->setAction($action);
     }
diff --git a/src/Surfnet/StepupRa/RaBundle/Resources/config/services.yml b/src/Surfnet/StepupRa/RaBundle/Resources/config/services.yml
index 76f3da7c..fe48a51d 100644
--- a/src/Surfnet/StepupRa/RaBundle/Resources/config/services.yml
+++ b/src/Surfnet/StepupRa/RaBundle/Resources/config/services.yml
@@ -100,6 +100,7 @@ services:
             - "@ra.repository.vetting_procedure"
             - "@translator"
             - "@ra.service.identity"
+            - "@surfnet_stepup.service.second_factor_type"
 
     ra.service.yubikey:
         public: false
@@ -185,6 +186,7 @@ services:
             - "@surfnet_stepup_middleware_client.identity.service.ra_candidate"
             - "@ra.service.command"
             - "@logger"
+            - "@surfnet_stepup.service.second_factor_type"
 
     ra.service.ra_location:
         class: Surfnet\StepupRa\RaBundle\Service\RaLocationService
diff --git a/src/Surfnet/StepupRa/RaBundle/Resources/views/Vetting/Gssf/initiate.html.twig b/src/Surfnet/StepupRa/RaBundle/Resources/views/Vetting/Gssf/initiate.html.twig
index 070fdf30..c80b767b 100644
--- a/src/Surfnet/StepupRa/RaBundle/Resources/views/Vetting/Gssf/initiate.html.twig
+++ b/src/Surfnet/StepupRa/RaBundle/Resources/views/Vetting/Gssf/initiate.html.twig
@@ -1,6 +1,6 @@
 {% extends "::base.html.twig" %}
 
-{% block page_title %}{{ ('ra.vetting.gssf.initiate.' ~ provider ~ '.title.page')|trans }}{% endblock %}
+{% block page_title %}{{ secondFactorConfig.getPageTitle() }}{% endblock %}
 
 {% block page_header %}
     {{ parent() }}
@@ -11,26 +11,12 @@
 {% block content %}
     <h2>{{ block('page_title') }}</h2>
 
-    <p>
-    <ul><!-- TODO translate using translations.twig and messages.LANG.xliff -->
-        <li>
-            In de volgende stap moet de registrant met zijn smartphone aantonen dat hij een tiqr-account geregistreerd heeft
-        </li>
-        <li>
-            Na het succesvol verifiëren van het tiqr account, keer je terug in stap 3 deze applicatie
-        </li>
-        <li>
-            Klik vervolgens op ‘{{ ('ra.vetting.gssf.initiate.' ~ provider ~ '.button.initiate')|trans }}’ om verder te gaan.
-        </li>
-    </ul>
-    </p>
-
-    <!-- TODO p>{{ ('ra.vetting.gssf.initiate.' ~ provider ~ '.text.explanation')|trans }}</p -->
+    <p>{{ secondFactorConfig.getExplanation() }}</p>
 
     <hr>
 
     {% if gssfIdMismatch is defined %}
-        <div class="alert alert-danger">{{ ('ra.vetting.gssf.initiate.' ~ provider ~ '.error.gssf_id_mismatch')|trans }}</div>
+        <div class="alert alert-danger">{{ secondFactorConfig.getGssfIdMismatch() }}</div>
     {% endif %}
     {{ form(form) }}
 
diff --git a/src/Surfnet/StepupRa/RaBundle/Resources/views/translations.html.twig b/src/Surfnet/StepupRa/RaBundle/Resources/views/translations.html.twig
index 1d1b0a49..6191101c 100644
--- a/src/Surfnet/StepupRa/RaBundle/Resources/views/translations.html.twig
+++ b/src/Surfnet/StepupRa/RaBundle/Resources/views/translations.html.twig
@@ -36,16 +36,6 @@
 {{ 'ra.second_factor.search.status.vetted'|trans }}
 {{ 'ra.second_factor.search.status.revoked'|trans }}
 
-{# GssfController #}
-{{ ('ra.vetting.gssf.initiate.tiqr.title.page')|trans }}
-{{ ('ra.vetting.gssf.initiate.tiqr.text.explanation')|trans }}
-{{ ('ra.vetting.gssf.initiate.tiqr.button.initiate')|trans }}
-{{ ('ra.vetting.gssf.initiate.tiqr.error.gssf_id_mismatch')|trans }}
-{{ ('ra.vetting.gssf.initiate.biometric.title.page')|trans }}
-{{ ('ra.vetting.gssf.initiate.biometric.text.explanation')|trans }}
-{{ ('ra.vetting.gssf.initiate.biometric.button.initiate')|trans }}
-{{ ('ra.vetting.gssf.initiate.biometric.error.gssf_id_mismatch')|trans }}
-
 {# RaRoleChoiceList labels #}
 {{ ('ra.form.extension.ra_role_choice.ra'|trans) }}
 {{ ('ra.form.extension.ra_role_choice.raa'|trans) }}
diff --git a/src/Surfnet/StepupRa/RaBundle/Service/RaCandidateService.php b/src/Surfnet/StepupRa/RaBundle/Service/RaCandidateService.php
index 70f90ac5..41a59369 100644
--- a/src/Surfnet/StepupRa/RaBundle/Service/RaCandidateService.php
+++ b/src/Surfnet/StepupRa/RaBundle/Service/RaCandidateService.php
@@ -19,6 +19,7 @@
 namespace Surfnet\StepupRa\RaBundle\Service;
 
 use Psr\Log\LoggerInterface;
+use Surfnet\StepupBundle\Service\SecondFactorTypeService;
 use Surfnet\StepupBundle\Value\Loa;
 use Surfnet\StepupBundle\Value\SecondFactorType;
 use Surfnet\StepupMiddlewareClient\Identity\Dto\RaCandidateSearchQuery;
@@ -28,6 +29,9 @@
 use Surfnet\StepupRa\RaBundle\Command\SearchRaCandidatesCommand;
 use Surfnet\StepupRa\RaBundle\Exception\InvalidArgumentException;
 
+/**
+ * @SuppressWarnings(PHPMD.CouplingBetweenObjects)
+ */
 class RaCandidateService
 {
     /**
@@ -45,14 +49,21 @@ class RaCandidateService
      */
     private $logger;
 
+    /**
+     * @var SecondFactorTypeService
+     */
+    private $secondFactorTypeService;
+
     public function __construct(
         ApiRaCandidateService $raCandidateService,
         CommandService $commandService,
-        LoggerInterface $logger
+        LoggerInterface $logger,
+        SecondFactorTypeService $secondFactorTypeService
     ) {
         $this->apiRaCandidateService = $raCandidateService;
         $this->commandService = $commandService;
         $this->logger = $logger;
+        $this->secondFactorTypeService = $secondFactorTypeService;
     }
 
     /**
@@ -129,13 +140,11 @@ public function accreditCandidate(AccreditCandidateCommand $command)
     private function getLoa3SecondFactorTypes()
     {
         $loa3 = new Loa(Loa::LOA_3, 'LOA3');
-
         return array_filter(
-            SecondFactorType::getAvailableSecondFactorTypes(),
+            $this->secondFactorTypeService->getAvailableSecondFactorTypes(),
             function ($secondFactorType) use ($loa3) {
                 $secondFactorType = new SecondFactorType($secondFactorType);
-
-                return $secondFactorType->canSatisfy($loa3);
+                return $this->secondFactorTypeService->canSatisfy($secondFactorType, $loa3);
             }
         );
     }
diff --git a/src/Surfnet/StepupRa/RaBundle/Service/VettingService.php b/src/Surfnet/StepupRa/RaBundle/Service/VettingService.php
index e0848130..6c57f203 100644
--- a/src/Surfnet/StepupRa/RaBundle/Service/VettingService.php
+++ b/src/Surfnet/StepupRa/RaBundle/Service/VettingService.php
@@ -21,6 +21,7 @@
 use RuntimeException;
 use Surfnet\StepupBundle\Command\SendSmsChallengeCommand;
 use Surfnet\StepupBundle\Command\VerifyPossessionOfPhoneCommand;
+use Surfnet\StepupBundle\Service\SecondFactorTypeService;
 use Surfnet\StepupBundle\Service\SmsSecondFactor\OtpVerification;
 use Surfnet\StepupBundle\Service\SmsSecondFactorService;
 use Surfnet\StepupBundle\Value\PhoneNumber\InternationalPhoneNumber;
@@ -93,6 +94,11 @@ class VettingService
      */
     private $identityService;
 
+    /**
+     * @var \Surfnet\StepupBundle\Service\SecondFactorTypeService
+     */
+    private $secondFactorTypeService;
+
     public function __construct(
         SmsSecondFactorService $smsSecondFactorService,
         YubikeySecondFactorService $yubikeySecondFactorService,
@@ -101,7 +107,8 @@ public function __construct(
         CommandService $commandService,
         VettingProcedureRepository $vettingProcedureRepository,
         TranslatorInterface $translator,
-        IdentityService $identityService
+        IdentityService $identityService,
+        SecondFactorTypeService $secondFactorTypeService
     ) {
         $this->smsSecondFactorService = $smsSecondFactorService;
         $this->yubikeySecondFactorService = $yubikeySecondFactorService;
@@ -111,6 +118,7 @@ public function __construct(
         $this->vettingProcedureRepository = $vettingProcedureRepository;
         $this->translator = $translator;
         $this->identityService = $identityService;
+        $this->secondFactorTypeService = $secondFactorTypeService;
     }
 
     /**
@@ -121,7 +129,7 @@ public function isLoaSufficientToStartProcedure(StartVettingProcedureCommand $co
     {
         $secondFactorType = new SecondFactorType($command->secondFactor->type);
 
-        return $secondFactorType->isSatisfiedBy($command->authorityLoa);
+        return $this->secondFactorTypeService->isSatisfiedBy($secondFactorType, $command->authorityLoa);
     }
 
     /**
diff --git a/src/Surfnet/StepupRa/RaBundle/Tests/DependencyInjection/ConfigurationTest.php b/src/Surfnet/StepupRa/RaBundle/Tests/DependencyInjection/ConfigurationTest.php
index 96533b6e..22df8cf2 100644
--- a/src/Surfnet/StepupRa/RaBundle/Tests/DependencyInjection/ConfigurationTest.php
+++ b/src/Surfnet/StepupRa/RaBundle/Tests/DependencyInjection/ConfigurationTest.php
@@ -99,19 +99,6 @@ public function it_allows_two_enabled_second_factors()
         $this->assertConfigurationIsValid([['enabled_second_factors' => ['sms', 'yubikey']]], 'enabled_second_factors');
     }
 
-    /**
-     * @test
-     * @group configuration
-     */
-    public function it_rejects_invalid_second_factor_types()
-    {
-        $this->assertPartialConfigurationIsInvalid(
-            [['enabled_second_factors' => ['passport']]],
-            'enabled_second_factors',
-            'not one of the valid types'
-        );
-    }
-
     protected function getConfiguration()
     {
         return new Configuration();
diff --git a/src/Surfnet/StepupRa/SamlStepupProviderBundle/DependencyInjection/Configuration.php b/src/Surfnet/StepupRa/SamlStepupProviderBundle/DependencyInjection/Configuration.php
index 74a6dd82..f44dbe8a 100644
--- a/src/Surfnet/StepupRa/SamlStepupProviderBundle/DependencyInjection/Configuration.php
+++ b/src/Surfnet/StepupRa/SamlStepupProviderBundle/DependencyInjection/Configuration.php
@@ -22,6 +22,9 @@
 use Symfony\Component\Config\Definition\Builder\TreeBuilder;
 use Symfony\Component\Config\Definition\ConfigurationInterface;
 
+/**
+ * @SuppressWarnings(PHPMD.ExcessiveMethodLength)
+ */
 class Configuration implements ConfigurationInterface
 {
     public function getConfigTreeBuilder()
@@ -129,6 +132,58 @@ private function addProvidersSection(ArrayNodeDefinition $rootNode)
                         ->end()
                     ->end()
                 ->end()
+                ->arrayNode('view_config')
+                    ->children()
+                        ->arrayNode('page_title')
+                            ->children()
+                                ->scalarNode('en_GB')
+                                    ->isRequired()
+                                    ->info('English page title translation')
+                                ->end()
+                                ->scalarNode('nl_NL')
+                                    ->isRequired()
+                                    ->info('Dutch alt page title translation')
+                                ->end()
+                            ->end()
+                        ->end()
+                        ->arrayNode('explanation')
+                            ->children()
+                                ->scalarNode('en_GB')
+                                    ->isRequired()
+                                    ->info('English explanation translation')
+                                ->end()
+                                ->scalarNode('nl_NL')
+                                    ->isRequired()
+                                    ->info('Dutch explanation translation')
+                                ->end()
+                            ->end()
+                        ->end()
+                        ->arrayNode('initiate')
+                            ->children()
+                                ->scalarNode('en_GB')
+                                    ->isRequired()
+                                    ->info('English initiate text translation')
+                                ->end()
+                                ->scalarNode('nl_NL')
+                                    ->isRequired()
+                                    ->info('Dutch initiate text translation')
+                                ->end()
+                            ->end()
+                        ->end()
+                        ->arrayNode('gssf_id_mismatch')
+                            ->children()
+                                ->scalarNode('en_GB')
+                                    ->isRequired()
+                                    ->info('English id mismatch text translation')
+                                ->end()
+                                ->scalarNode('nl_NL')
+                                    ->isRequired()
+                                    ->info('Dutch id mismatch text translation')
+                                ->end()
+                            ->end()
+                        ->end()
+                    ->end()
+                ->end()
             ->end();
     }
 }
diff --git a/src/Surfnet/StepupRa/SamlStepupProviderBundle/DependencyInjection/SurfnetStepupRaSamlStepupProviderExtension.php b/src/Surfnet/StepupRa/SamlStepupProviderBundle/DependencyInjection/SurfnetStepupRaSamlStepupProviderExtension.php
index 19fb7aab..d22b75e3 100644
--- a/src/Surfnet/StepupRa/SamlStepupProviderBundle/DependencyInjection/SurfnetStepupRaSamlStepupProviderExtension.php
+++ b/src/Surfnet/StepupRa/SamlStepupProviderBundle/DependencyInjection/SurfnetStepupRaSamlStepupProviderExtension.php
@@ -80,6 +80,17 @@ private function loadProviderConfiguration(
         $providerDefinition->setPublic(false);
         $container->setDefinition('gssp.provider.' . $provider, $providerDefinition);
 
+        $viewConfigDefinition = new Definition('Surfnet\StepupRa\SamlStepupProviderBundle\Provider\ViewConfig', [
+            new Reference('request'),
+            $configuration['view_config']['page_title'],
+            $configuration['view_config']['explanation'],
+            $configuration['view_config']['initiate'],
+            $configuration['view_config']['gssf_id_mismatch'],
+        ]);
+        $viewConfigDefinition->setScope('request');
+
+        $container->setDefinition('gssp.view_config.' . $provider, $viewConfigDefinition);
+
         $container
             ->getDefinition('gssp.provider_repository')
             ->addMethodCall('addProvider', [new Reference('gssp.provider.' . $provider)]);
diff --git a/src/Surfnet/StepupRa/SamlStepupProviderBundle/Provider/ViewConfig.php b/src/Surfnet/StepupRa/SamlStepupProviderBundle/Provider/ViewConfig.php
new file mode 100644
index 00000000..d8b96f40
--- /dev/null
+++ b/src/Surfnet/StepupRa/SamlStepupProviderBundle/Provider/ViewConfig.php
@@ -0,0 +1,130 @@
+<?php
+
+/**
+ * Copyright 2017 SURFnet bv
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+namespace Surfnet\StepupRa\SamlStepupProviderBundle\Provider;
+
+use Surfnet\StepupRa\RaBundle\Exception\LogicException;
+use Symfony\Component\HttpFoundation\Request;
+
+class ViewConfig
+{
+
+    /**
+     * @var array
+     */
+    public $pageTitle;
+
+    /**
+     * @var array
+     */
+    public $explanation;
+
+    /**
+     * @var array
+     */
+    public $initiate;
+
+    /**
+     * @var array
+     */
+    public $gssfIdMismatch;
+
+    /**
+     * @var Request
+     */
+    private $request;
+
+    /**
+     * The arrays are arrays of translated text, indexed on locale.
+     *
+     * @param Request $request
+     * @param array $pageTitle
+     * @param array $explanation
+     * @param array $initiate
+     * @param array $gssfIdMismatch
+     * @SuppressWarnings(PHPMD.ExcessiveParameterList)
+     */
+    public function __construct(
+        Request $request,
+        array $pageTitle,
+        array $explanation,
+        array $initiate,
+        array $gssfIdMismatch
+    ) {
+        $this->request = $request;
+        $this->pageTitle = $pageTitle;
+        $this->explanation = $explanation;
+        $this->initiate = $initiate;
+        $this->gssfIdMismatch = $gssfIdMismatch;
+    }
+
+    /**
+     * @return array
+     */
+    public function getExplanation()
+    {
+        return $this->getTranslation($this->explanation);
+    }
+
+    /**
+     * @return array
+     */
+    public function getGssfIdMismatch()
+    {
+        return $this->getTranslation($this->gssfIdMismatch);
+    }
+
+    /**
+     * @return array
+     */
+    public function getInitiate()
+    {
+        return $this->getTranslation($this->initiate);
+    }
+
+    /**
+     * @return array
+     */
+    public function getPageTitle()
+    {
+        return $this->getTranslation($this->pageTitle);
+    }
+
+    /**
+     * @param array $translations
+     * @return mixed
+     * @throws LogicException
+     */
+    private function getTranslation(array $translations)
+    {
+        $currentLocale = $this->request->getLocale();
+        if (is_null($currentLocale)) {
+            throw new LogicException('The current language is not set');
+        }
+        if (isset($translations[$currentLocale])) {
+            return $translations[$currentLocale];
+        }
+        throw new LogicException(
+            sprintf(
+                'The requested translation is not available in this language: %s. Available languages: %s',
+                $currentLocale,
+                implode(', ', array_keys($translations))
+            )
+        );
+    }
+}
diff --git a/src/Surfnet/StepupRa/SamlStepupProviderBundle/Tests/Provider/ViewConfigTest.php b/src/Surfnet/StepupRa/SamlStepupProviderBundle/Tests/Provider/ViewConfigTest.php
new file mode 100644
index 00000000..a19e4abd
--- /dev/null
+++ b/src/Surfnet/StepupRa/SamlStepupProviderBundle/Tests/Provider/ViewConfigTest.php
@@ -0,0 +1,105 @@
+<?php
+
+/**
+ * Copyright 2017 SURFnet bv
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+namespace Surfnet\StepupRa\SamlStepupProviderBundle\Tests\Provider;
+
+use Mockery as m;
+use PHPUnit_Framework_TestCase as TestCase;
+use Surfnet\StepupRa\SamlStepupProviderBundle\Provider\ViewConfig;
+use Symfony\Component\HttpFoundation\Request;
+
+/**
+ * Tests the ViewConfig class
+ * @package  Surfnet\StepupRa\SamlStepupProviderBundle\Tests\Provider
+ */
+final class ViewConfigTest extends TestCase
+{
+    /**
+     * @test
+     * @group di
+     */
+    public function view_config_translates_correctly()
+    {
+        $viewConfig = $this->buildViewConfig('nl_NL');
+
+        $this->assertEquals('NL pageTitle', $viewConfig->getPageTitle());
+        $this->assertEquals('NL explanation', $viewConfig->getExplanation());
+        $this->assertEquals('NL initiate', $viewConfig->getInitiate());
+        $this->assertEquals('NL gssfIdMismatch', $viewConfig->getGssfIdMismatch());
+
+        $viewConfig = $this->buildViewConfig('en_GB');
+        $this->assertEquals('EN pageTitle', $viewConfig->getPageTitle());
+        $this->assertEquals('EN explanation', $viewConfig->getExplanation());
+        $this->assertEquals('EN initiate', $viewConfig->getInitiate());
+        $this->assertEquals('EN gssfIdMismatch', $viewConfig->getGssfIdMismatch());
+    }
+
+    /**
+     * @test
+     * @group di
+     * @expectedException \Surfnet\StepupRa\RaBundle\Exception\LogicException
+     * @expectedExceptionMessage The current language is not set
+     */
+    public function translation_fails_when_no_current_language_set()
+    {
+        $viewConfig = $this->buildViewConfig(null);
+        $viewConfig->getExplanation();
+    }
+
+    /**
+     * @test
+     * @group di
+     * @expectedException \Surfnet\StepupRa\RaBundle\Exception\LogicException
+     * @expectedExceptionMessage The requested translation is not available in this language: fr_FR.
+     *                           Available languages: en_GB, nl_NL
+     */
+    public function view_config_cannot_serve_french_translations()
+    {
+        $viewConfig = $this->buildViewConfig('fr_FR');
+        $viewConfig->getGssfIdMismatch();
+    }
+
+    /**
+     * @param string $locale
+     * @return ViewConfig
+     */
+    private function buildViewConfig($locale = '')
+    {
+        $request = m::mock(Request::class);
+        $request->shouldReceive('getLocale')->andReturn($locale)->byDefault();
+        return new ViewConfig(
+            $request,
+            $this->getTranslationsArray('pageTitle'),
+            $this->getTranslationsArray('explanation'),
+            $this->getTranslationsArray('initiate'),
+            $this->getTranslationsArray('gssfIdMismatch')
+        );
+    }
+
+    /**
+     * @param $string
+     * @return array
+     */
+    private function getTranslationsArray($string)
+    {
+        return [
+            'en_GB' => 'EN ' . $string,
+            'nl_NL' => 'NL ' . $string,
+        ];
+    }
+}