diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 6331a2e493b..808fc952394 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -120,16 +120,16 @@ specs:
     AWS_SECRET_ACCESS_KEY: test
     CAPYBARA_WAIT_TIME_SECONDS: 5
     COVERAGE: 'true'
-    DOCKER_DB_HOST: postgres
+    DOCKER_DB_HOST: db-postgres
     POSTGRES_DB: identity_idp_test
     POSTGRES_USER: postgres_user
     POSTGRES_PASSWORD: postgres_password
     POSTGRES_HOST_AUTH_METHOD: trust
     RAILS_ENV: test
   services:
-    - name: postgres:13.9
+    - name: postgis/postgis:13-3.3
       alias: db-postgres
-      command: ["--fsync=false", "--synchronous_commit=false", "--full_page_writes=false"]
+      command: ['--fsync=false', '--synchronous_commit=false', '--full_page_writes=false']
     - name: redis:7.0
       alias: db-redis
   artifacts:
@@ -258,4 +258,3 @@ trigger_devops:
 include:
   - template: Jobs/SAST.gitlab-ci.yml
   - template: Jobs/Dependency-Scanning.gitlab-ci.yml
-
diff --git a/Brewfile b/Brewfile
index ac26eeacf37..76ea11b5282 100644
--- a/Brewfile
+++ b/Brewfile
@@ -1,4 +1,5 @@
 brew 'postgresql@14'
+brew 'postgis'
 brew 'redis'
 brew 'node@16'
 brew 'yarn'
diff --git a/Gemfile b/Gemfile
index 40a1feb67f2..a920533f249 100644
--- a/Gemfile
+++ b/Gemfile
@@ -5,6 +5,7 @@ ruby "~> #{File.read(File.join(__dir__, '.ruby-version')).strip}"
 
 gem 'rails', '~> 7.0.0'
 
+gem 'activerecord-postgis-adapter'
 gem 'ahoy_matey', '~> 3.0'
 gem 'aws-sdk-kms', '~> 1.4'
 gem 'aws-sdk-pinpoint'
diff --git a/Gemfile.lock b/Gemfile.lock
index 1a366e8b663..05e6ae139ef 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -113,6 +113,9 @@ GEM
     activerecord (7.0.4.3)
       activemodel (= 7.0.4.3)
       activesupport (= 7.0.4.3)
+    activerecord-postgis-adapter (8.0.2)
+      activerecord (~> 7.0.0)
+      rgeo-activerecord (~> 7.0.0)
     activestorage (7.0.4.3)
       actionpack (= 7.0.4.3)
       activejob (= 7.0.4.3)
@@ -550,6 +553,10 @@ GEM
       railties (>= 5.0)
     retries (0.0.5)
     rexml (3.2.5)
+    rgeo (3.0.0)
+    rgeo-activerecord (7.0.1)
+      activerecord (>= 5.0)
+      rgeo (>= 1.0.0)
     rotp (6.2.0)
     rouge (4.1.1)
     rqrcode (2.1.0)
@@ -722,6 +729,7 @@ PLATFORMS
   ruby
 
 DEPENDENCIES
+  activerecord-postgis-adapter
   ahoy_matey (~> 3.0)
   aws-sdk-cloudwatchlogs
   aws-sdk-kms (~> 1.4)
diff --git a/app/assets/stylesheets/_uswds.scss b/app/assets/stylesheets/_uswds.scss
index 352c195e5f7..5964271ffd8 100644
--- a/app/assets/stylesheets/_uswds.scss
+++ b/app/assets/stylesheets/_uswds.scss
@@ -6,7 +6,6 @@
 @forward 'usa-alert';
 @forward 'usa-banner';
 @forward 'usa-button';
-@forward 'usa-button-group';
 @forward 'usa-collection';
 @forward 'usa-form';
 @forward 'usa-header';
diff --git a/app/assets/stylesheets/utilities/_typography.scss b/app/assets/stylesheets/utilities/_typography.scss
index 3b52fa8b0f4..5db68043ba7 100644
--- a/app/assets/stylesheets/utilities/_typography.scss
+++ b/app/assets/stylesheets/utilities/_typography.scss
@@ -99,28 +99,3 @@ h6,
 .h6 {
   @extend %h6;
 }
-
-.separator-text {
-  display: flex;
-  align-items: center;
-  text-align: center;
-  font-size: 1.125rem;
-  margin-bottom: 16px;
-
-  &::before,
-  &::after {
-    content: '';
-    display: block;
-    border-bottom: 1px solid color('primary-light');
-    flex-grow: 1;
-    min-width: 2rem;
-  }
-
-  &::before {
-    margin-right: 1rem;
-  }
-
-  &::after {
-    margin-left: 1rem;
-  }
-}
diff --git a/app/components/tab_navigation_component.html.erb b/app/components/tab_navigation_component.html.erb
index c9a89a8598a..005bebd90f8 100644
--- a/app/components/tab_navigation_component.html.erb
+++ b/app/components/tab_navigation_component.html.erb
@@ -1,13 +1,12 @@
-<%= content_tag(:nav, aria: { label: }, **tag_options) do %>
+<%= content_tag(:nav, aria: { label: }, **tag_options, class: [*tag_options[:class], 'tab-navigation']) do %>
   <ul class="usa-button-group usa-button-group--segmented">
     <% routes.each do |route| %>
-      <li class="usa-button-group__item grid-col display-flex">
+      <li class="usa-button-group__item">
         <%= render ButtonComponent.new(
               action: ->(**tag_options, &block) { link_to(route[:path], **tag_options, &block) },
               big: true,
               outline: !is_current_path?(route[:path]),
               aria: { current: is_current_path?(route[:path]) ? 'page' : nil },
-              class: 'grid-col',
             ).with_content(route[:text]) %>
       </li>
     <% end %>
diff --git a/app/components/tab_navigation_component.scss b/app/components/tab_navigation_component.scss
new file mode 100644
index 00000000000..28be43e6ad4
--- /dev/null
+++ b/app/components/tab_navigation_component.scss
@@ -0,0 +1,54 @@
+@use 'uswds-core' as *;
+
+@forward 'usa-button-group/src/styles';
+
+// Upstream: https://github.com/uswds/uswds/pull/5324
+.usa-button-group--segmented {
+  .usa-button {
+    @include u-display('flex');
+    @include u-flex('align-center', 'justify-center');
+  }
+
+  .usa-button-group__item {
+    @include u-display('flex');
+    @include grid-col('auto');
+  }
+}
+
+// Upstream: https://github.com/18F/identity-design-system/pull/359
+.usa-button-group__item {
+  &:first-child > .usa-button.usa-button--big {
+    margin-right: -1 * units($theme-button-stroke-width);
+  }
+
+  &:last-child > .usa-button.usa-button--big {
+    margin-left: -2 * units($theme-button-stroke-width);
+    width: calc(100% + #{units($theme-button-stroke-width) * 2});
+
+    @include at-media('mobile-lg') {
+      margin-left: -1 * units($theme-button-stroke-width);
+    }
+  }
+
+  &:where(:not(:first-child):not(:last-child)) > .usa-button.usa-button--big {
+    margin-right: -1 * units($theme-button-stroke-width);
+    margin-left: -1 * units($theme-button-stroke-width);
+  }
+}
+
+.tab-navigation .usa-button-group--segmented {
+  .usa-button-group__item {
+    flex-basis: 50%;
+  }
+
+  .usa-button-group__item:last-child > .usa-button,
+  .usa-button {
+    width: 100%;
+  }
+
+  .usa-button--big {
+    @include at-media-max('tablet') {
+      font-size: units(2);
+    }
+  }
+}
diff --git a/app/controllers/api/internal/sessions_controller.rb b/app/controllers/api/internal/sessions_controller.rb
index e376c6aa8c8..eeccb3b2b82 100644
--- a/app/controllers/api/internal/sessions_controller.rb
+++ b/app/controllers/api/internal/sessions_controller.rb
@@ -15,16 +15,12 @@ def show
       end
 
       def update
-        analytics.session_kept_alive if live?
-        update_last_request_at
-        render json: status_response
-      end
+        if live?
+          analytics.session_kept_alive
+          update_last_request_at
+        end
 
-      def destroy
-        analytics.session_timed_out
-        request_id = sp_session[:request_id]
-        sign_out
-        render json: { redirect: root_url(request_id:, timeout: :session) }
+        render json: status_response
       end
 
       private
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 7862072709c..cb11f3abf9b 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -34,11 +34,8 @@ class ApplicationController < ActionController::Base
 
   def session_expires_at
     return if @skip_session_expiration || @skip_session_load
-    now = Time.zone.now
-    session[:session_started_at] = now if session[:session_started_at].nil?
-    session[:session_expires_at] = now + Devise.timeout_in
-    session[:pinged_at] ||= now
-    redirect_on_timeout
+    session[:session_started_at] = Time.zone.now if session[:session_started_at].nil?
+    redirect_with_flash_if_timeout
   end
 
   # for lograge
@@ -156,18 +153,26 @@ def cache_issuer_in_cookie
                           end
   end
 
-  def redirect_on_timeout
+  def redirect_with_flash_if_timeout
     return unless params[:timeout]
 
-    unless current_user
+    if params[:timeout] == 'session'
+      analytics.session_timed_out
+      flash[:info] = t(
+        'notices.session_timedout',
+        app_name: APP_NAME,
+        minutes: IdentityConfig.store.session_timeout_in_minutes,
+      )
+    elsif current_user.blank?
       flash[:info] = t(
         'notices.session_cleared',
         minutes: IdentityConfig.store.session_timeout_in_minutes,
       )
     end
+
     begin
       redirect_to url_for(permitted_timeout_params)
-    rescue ActionController::UrlGenerationError # binary data in params cause redirect to throw this
+    rescue ActionController::UrlGenerationError # Binary data in parameters throw on redirect
       head :bad_request
     end
   end
diff --git a/app/controllers/concerns/idv/verify_info_concern.rb b/app/controllers/concerns/idv/verify_info_concern.rb
index d90455b269e..2b1a60623dc 100644
--- a/app/controllers/concerns/idv/verify_info_concern.rb
+++ b/app/controllers/concerns/idv/verify_info_concern.rb
@@ -48,6 +48,12 @@ def update
         double_address_verification: capture_secondary_id_enabled,
       )
 
+      # Don't allow the user to go back to document capture after verifying
+      if flow_session['redo_document_capture']
+        flow_session.delete('redo_document_capture')
+        flow_session[:flow_path] ||= 'standard'
+      end
+
       redirect_to after_update_url
     end
 
diff --git a/app/controllers/concerns/sign_in_a_b_test_concern.rb b/app/controllers/concerns/sign_in_a_b_test_concern.rb
deleted file mode 100644
index 01db563b03a..00000000000
--- a/app/controllers/concerns/sign_in_a_b_test_concern.rb
+++ /dev/null
@@ -1,5 +0,0 @@
-module SignInABTestConcern
-  def sign_in_a_b_test_bucket
-    AbTests::SIGN_IN.bucket(sp_session[:request_id] || session.id)
-  end
-end
diff --git a/app/controllers/idv/agreement_controller.rb b/app/controllers/idv/agreement_controller.rb
new file mode 100644
index 00000000000..c3f9544d873
--- /dev/null
+++ b/app/controllers/idv/agreement_controller.rb
@@ -0,0 +1,82 @@
+module Idv
+  class AgreementController < ApplicationController
+    include IdvSession
+    include IdvStepConcern
+    include OutageConcern
+    include StepIndicatorConcern
+    include StepUtilitiesConcern
+
+    before_action :confirm_two_factor_authenticated
+    before_action :render_404_if_agreement_controller_disabled
+    before_action :confirm_welcome_step_complete
+    before_action :confirm_agreement_needed
+    before_action :check_for_outage, only: :show
+
+    def show
+      analytics.idv_doc_auth_agreement_visited(**analytics_arguments)
+
+      Funnel::DocAuth::RegisterStep.new(current_user.id, sp_session[:issuer]).call(
+        'agreement', :view,
+        true
+      )
+
+      render :show, locals: { flow_session: flow_session }
+    end
+
+    def update
+      skip_to_capture if params[:skip_upload]
+
+      result = Idv::ConsentForm.new.submit(consent_form_params)
+
+      analytics.idv_doc_auth_agreement_submitted(
+        **analytics_arguments.merge(result.to_h),
+      )
+
+      if result.success?
+        idv_session.idv_consent_given = true
+
+        # for the 50/50 state
+        flow_session['Idv::Steps::AgreementStep'] = true
+
+        redirect_to idv_hybrid_handoff_url
+      else
+        redirect_to idv_agreement_url
+      end
+    end
+
+    private
+
+    def analytics_arguments
+      {
+        step: 'agreement',
+        analytics_id: 'Doc Auth',
+        irs_reproofing: irs_reproofing?,
+      }
+    end
+
+    def skip_to_capture
+      flow_session[:skip_upload_step] = true
+      flow_session[:flow_path] = 'standard'
+    end
+
+    def consent_form_params
+      params.require(:doc_auth).permit(:ial2_consent_given)
+    end
+
+    def confirm_welcome_step_complete
+      return if flow_session['Idv::Steps::WelcomeStep']
+
+      redirect_to idv_doc_auth_url
+    end
+
+    def confirm_agreement_needed
+      return unless idv_session.idv_consent_given
+
+      redirect_to idv_hybrid_handoff_url
+    end
+
+    def render_404_if_agreement_controller_disabled
+      render_not_found unless IdentityConfig.store.doc_auth_agreement_controller_enabled
+    end
+  end
+end
diff --git a/app/controllers/idv/doc_auth_controller.rb b/app/controllers/idv/doc_auth_controller.rb
index 4e41f637749..9b76f5a828d 100644
--- a/app/controllers/idv/doc_auth_controller.rb
+++ b/app/controllers/idv/doc_auth_controller.rb
@@ -12,7 +12,6 @@ class DocAuthController < ApplicationController
 
     before_action :redirect_if_flow_completed
     before_action :handle_fraud
-    before_action :update_if_skipping_upload
     # rubocop:disable Rails/LexicallyScopedActionFilter
     before_action :check_for_outage, only: :show
     # rubocop:enable Rails/LexicallyScopedActionFilter
@@ -43,12 +42,6 @@ def redirect_if_pending_in_person_enrollment
       redirect_to idv_in_person_ready_to_verify_url if current_user.pending_in_person_enrollment
     end
 
-    def update_if_skipping_upload
-      return if params[:step] != 'upload' || !flow_session || !flow_session[:skip_upload_step]
-      track_step_visited
-      update
-    end
-
     def do_meta_refresh(meta_refresh_count)
       @meta_refresh = 10 * 60
       flow_session[:meta_refresh_count] = meta_refresh_count + 1
diff --git a/app/controllers/idv/document_capture_controller.rb b/app/controllers/idv/document_capture_controller.rb
index a5b14ba47ec..c733c557dee 100644
--- a/app/controllers/idv/document_capture_controller.rb
+++ b/app/controllers/idv/document_capture_controller.rb
@@ -10,7 +10,7 @@ class DocumentCaptureController < ApplicationController
     include RateLimitConcern
 
     before_action :confirm_two_factor_authenticated
-    before_action :confirm_upload_step_complete
+    before_action :confirm_hybrid_handoff_complete
     before_action :confirm_document_capture_needed
     before_action :override_csp_to_allow_acuant
     before_action :check_for_outage, only: :show
@@ -53,7 +53,7 @@ def extra_view_variables
 
     private
 
-    def confirm_upload_step_complete
+    def confirm_hybrid_handoff_complete
       return if flow_session[:flow_path].present?
 
       redirect_to idv_hybrid_handoff_url
@@ -74,7 +74,8 @@ def analytics_arguments
         step: 'document_capture',
         analytics_id: 'Doc Auth',
         irs_reproofing: irs_reproofing?,
-      }.merge(**acuant_sdk_ab_test_analytics_args)
+        redo_document_capture: flow_session[:redo_document_capture],
+      }.compact.merge(**acuant_sdk_ab_test_analytics_args)
     end
 
     def handle_stored_result
diff --git a/app/controllers/idv/hybrid_handoff_controller.rb b/app/controllers/idv/hybrid_handoff_controller.rb
index b04d02375a9..28d156faf64 100644
--- a/app/controllers/idv/hybrid_handoff_controller.rb
+++ b/app/controllers/idv/hybrid_handoff_controller.rb
@@ -160,7 +160,8 @@ def analytics_arguments
         step: 'upload',
         analytics_id: 'Doc Auth',
         irs_reproofing: irs_reproofing?,
-      }.merge(**acuant_sdk_ab_test_analytics_args)
+        redo_document_capture: params[:redo] ? true : nil,
+      }.compact.merge(**acuant_sdk_ab_test_analytics_args)
     end
 
     def form_response(destination:)
@@ -205,12 +206,20 @@ def failure(message, extra = nil)
     end
 
     def confirm_agreement_step_complete
+      # delete when removing doc_auth_agreement_controller_enabled flag
       return if flow_session['Idv::Steps::AgreementStep']
+      return if idv_session.idv_consent_given
 
-      redirect_to idv_doc_auth_url
+      if IdentityConfig.store.doc_auth_agreement_controller_enabled
+        redirect_to idv_agreement_url
+      else
+        redirect_to idv_doc_auth_url
+      end
     end
 
     def confirm_hybrid_handoff_needed
+      setup_for_redo if params[:redo]
+
       return if !flow_session[:flow_path]
 
       if flow_session[:flow_path] == 'standard'
@@ -220,6 +229,15 @@ def confirm_hybrid_handoff_needed
       end
     end
 
+    def setup_for_redo
+      flow_session[:redo_document_capture] = true
+      if flow_session[:skip_upload_step]
+        flow_session[:flow_path] = 'standard'
+      else
+        flow_session[:flow_path] = nil
+      end
+    end
+
     def formatted_destination_phone
       raw_phone = params.require(:doc_auth).permit(:phone)
       PhoneFormatter.format(raw_phone, country_code: 'US')
diff --git a/app/controllers/idv/link_sent_controller.rb b/app/controllers/idv/link_sent_controller.rb
index a144f7aa38b..0aabbc1894c 100644
--- a/app/controllers/idv/link_sent_controller.rb
+++ b/app/controllers/idv/link_sent_controller.rb
@@ -8,7 +8,7 @@ class LinkSentController < ApplicationController
     include StepUtilitiesConcern
 
     before_action :confirm_two_factor_authenticated
-    before_action :confirm_upload_step_complete
+    before_action :confirm_hybrid_handoff_complete
     before_action :confirm_document_capture_needed
     before_action :extend_timeout_using_meta_refresh
     before_action :check_for_outage, only: :show
@@ -42,7 +42,7 @@ def extra_view_variables
 
     private
 
-    def confirm_upload_step_complete
+    def confirm_hybrid_handoff_complete
       return if flow_session[:flow_path] == 'hybrid'
 
       if flow_session[:flow_path] == 'standard'
diff --git a/app/controllers/sign_up/completions_controller.rb b/app/controllers/sign_up/completions_controller.rb
index dce5374cbb6..2ae8faf7f55 100644
--- a/app/controllers/sign_up/completions_controller.rb
+++ b/app/controllers/sign_up/completions_controller.rb
@@ -1,7 +1,6 @@
 module SignUp
   class CompletionsController < ApplicationController
     include SecureHeadersConcern
-    include SignInABTestConcern
 
     before_action :confirm_two_factor_authenticated
     before_action :verify_confirmed, if: :ial2?
@@ -93,10 +92,7 @@ def analytics_attributes(page_occurence)
     end
 
     def track_completion_event(last_page)
-      analytics.user_registration_complete(
-        **analytics_attributes(last_page),
-        sign_in_a_b_test_bucket:,
-      )
+      analytics.user_registration_complete(**analytics_attributes(last_page))
     end
 
     def pii
diff --git a/app/controllers/sign_up/registrations_controller.rb b/app/controllers/sign_up/registrations_controller.rb
index 89b438d3f2a..d228d97bde0 100644
--- a/app/controllers/sign_up/registrations_controller.rb
+++ b/app/controllers/sign_up/registrations_controller.rb
@@ -2,7 +2,6 @@ module SignUp
   class RegistrationsController < ApplicationController
     include PhoneConfirmation
     include ApplicationHelper # for ial2_requested?
-    include SignInABTestConcern
 
     before_action :confirm_two_factor_authenticated, only: [:destroy_confirm]
     before_action :require_no_authentication
@@ -15,11 +14,7 @@ def new
         analytics: analytics,
         attempts_tracker: irs_attempts_api_tracker,
       )
-      @sign_in_a_b_test_bucket = sign_in_a_b_test_bucket
-      analytics.user_registration_enter_email_visit(
-        sign_in_a_b_test_bucket: @sign_in_a_b_test_bucket,
-        from_sign_in: params[:source] == 'sign_in',
-      )
+      analytics.user_registration_enter_email_visit
       render :new, formats: :html
     end
 
diff --git a/app/controllers/users/sessions_controller.rb b/app/controllers/users/sessions_controller.rb
index 8f2b1061dd3..16539f6c8a6 100644
--- a/app/controllers/users/sessions_controller.rb
+++ b/app/controllers/users/sessions_controller.rb
@@ -7,7 +7,6 @@ class SessionsController < Devise::SessionsController
     include RememberDeviceConcern
     include Ial2ProfileConcern
     include Api::CsrfTokenConcern
-    include SignInABTestConcern
 
     rescue_from ActionController::InvalidAuthenticityToken, with: :redirect_to_signin
 
@@ -24,12 +23,9 @@ def new
 
       @ial = sp_session_ial
       @browser_is_ie11 = browser_is_ie11?
-      @is_on_home_page = true
-      @sign_in_a_b_test_bucket = sign_in_a_b_test_bucket
       analytics.sign_in_page_visit(
         flash: flash[:alert],
         stored_location: session['user_return_to'],
-        sign_in_a_b_test_bucket: @sign_in_a_b_test_bucket,
       )
       super
     end
diff --git a/app/forms/idv/api_image_upload_form.rb b/app/forms/idv/api_image_upload_form.rb
index ae81692fd04..96bcce89111 100644
--- a/app/forms/idv/api_image_upload_form.rb
+++ b/app/forms/idv/api_image_upload_form.rb
@@ -69,18 +69,26 @@ def validate_form
     end
 
     def post_images_to_client
-      response = doc_auth_client.post_images(
-        front_image: front_image_bytes,
-        back_image: back_image_bytes,
-        image_source: image_source,
-        user_uuid: user_uuid,
-        uuid_prefix: uuid_prefix,
-      )
+      timer = JobHelpers::Timer.new
+
+      response = timer.time('vendor_request') do
+        doc_auth_client.post_images(
+          front_image: front_image_bytes,
+          back_image: back_image_bytes,
+          image_source: image_source,
+          user_uuid: user_uuid,
+          uuid_prefix: uuid_prefix,
+        )
+      end
+
       response.extra.merge!(extra_attributes)
       response.extra[:state] = response.pii_from_doc[:state]
       response.extra[:state_id_type] = response.pii_from_doc[:state_id_type]
 
-      update_analytics(response)
+      update_analytics(
+        client_response: response,
+        vendor_request_time_in_ms: timer.results['vendor_request'],
+      )
 
       response
     end
@@ -204,7 +212,7 @@ def as_readable(image_key)
       end
     end
 
-    def update_analytics(client_response)
+    def update_analytics(client_response:, vendor_request_time_in_ms:)
       add_costs(client_response)
       update_funnel(client_response)
       analytics.idv_doc_auth_submitted_image_upload_vendor(
@@ -212,6 +220,7 @@ def update_analytics(client_response)
           client_image_metrics: image_metadata,
           async: false,
           flow_path: params[:flow_path],
+          vendor_request_time_in_ms: vendor_request_time_in_ms,
         ).merge(acuant_sdk_upgrade_ab_test_data),
       )
     end
diff --git a/app/helpers/session_timeout_warning_helper.rb b/app/helpers/session_timeout_warning_helper.rb
index 5b9c7081346..46ea99bdb5c 100644
--- a/app/helpers/session_timeout_warning_helper.rb
+++ b/app/helpers/session_timeout_warning_helper.rb
@@ -18,7 +18,7 @@ def expires_at
   def timeout_refresh_path
     UriService.add_params(
       request.original_fullpath,
-      timeout: true,
+      timeout: :form,
     )&.html_safe # rubocop:disable Rails/OutputSafety
   end
 
diff --git a/app/javascript/packages/prompt-on-navigate/index.spec.ts b/app/javascript/packages/prompt-on-navigate/index.spec.ts
index bbd4c0bbc48..2571a66b50c 100644
--- a/app/javascript/packages/prompt-on-navigate/index.spec.ts
+++ b/app/javascript/packages/prompt-on-navigate/index.spec.ts
@@ -35,7 +35,7 @@ describe('promptOnNavigate', () => {
 
     window.dispatchEvent(event);
 
-    expect(trackEvent).to.have.been.calledOnceWith(PROMPT_EVENT);
+    expect(trackEvent).to.have.been.calledOnceWith(PROMPT_EVENT, { path: '/' });
     trackEvent.resetHistory();
 
     sandbox.clock.tick(2000);
@@ -43,6 +43,7 @@ describe('promptOnNavigate', () => {
 
     sandbox.clock.tick(3000);
     expect(trackEvent).to.have.been.calledWith(STILL_ON_PAGE_EVENT, {
+      path: '/',
       seconds: 5,
     });
   });
@@ -56,7 +57,7 @@ describe('promptOnNavigate', () => {
 
     window.dispatchEvent(event);
 
-    expect(trackEvent).to.have.been.calledOnceWith(PROMPT_EVENT);
+    expect(trackEvent).to.have.been.calledOnceWith(PROMPT_EVENT, { path: '/' });
     trackEvent.resetHistory();
 
     sandbox.clock.tick(5000);
@@ -65,6 +66,7 @@ describe('promptOnNavigate', () => {
 
     sandbox.clock.tick(10000);
     expect(trackEvent).to.have.been.calledWith(STILL_ON_PAGE_EVENT, {
+      path: '/',
       seconds: 15,
     });
   });
@@ -91,6 +93,7 @@ describe('promptOnNavigate', () => {
 
     sandbox.clock.tick(15000);
     expect(trackEvent).to.have.been.calledWith(STILL_ON_PAGE_EVENT, {
+      path: '/',
       seconds: 30,
     });
   });
diff --git a/app/javascript/packages/prompt-on-navigate/index.ts b/app/javascript/packages/prompt-on-navigate/index.ts
index 60461e35c86..e426eaa45d9 100644
--- a/app/javascript/packages/prompt-on-navigate/index.ts
+++ b/app/javascript/packages/prompt-on-navigate/index.ts
@@ -25,7 +25,7 @@ export function promptOnNavigate(options: PromptOnNavigateOptions = defaults): (
     ev.preventDefault();
     ev.returnValue = '';
 
-    trackEvent(PROMPT_EVENT);
+    trackEvent(PROMPT_EVENT, { path: window.location.pathname });
 
     const stillOnPageIntervalsInSeconds = [...options.stillOnPageIntervalsInSeconds];
     let elapsed = 0;
@@ -46,6 +46,7 @@ export function promptOnNavigate(options: PromptOnNavigateOptions = defaults): (
 
       stillOnPageTimer = window.setTimeout(() => {
         trackEvent(STILL_ON_PAGE_EVENT, {
+          path: window.location.pathname,
           seconds: elapsed,
         });
         scheduleNextStillOnPagePing();
diff --git a/app/javascript/packages/session/requests.spec.ts b/app/javascript/packages/session/requests.spec.ts
index 169ca37ea6b..f2d078bb59f 100644
--- a/app/javascript/packages/session/requests.spec.ts
+++ b/app/javascript/packages/session/requests.spec.ts
@@ -1,12 +1,7 @@
 import { rest } from 'msw';
 import { setupServer } from 'msw/node';
 import type { SetupServer } from 'msw/node';
-import {
-  STATUS_API_ENDPOINT,
-  KEEP_ALIVE_API_ENDPOINT,
-  requestSessionStatus,
-  extendSession,
-} from './requests';
+import { SESSIONS_URL, requestSessionStatus, extendSession } from './requests';
 import type { SessionLiveStatusResponse, SessionTimedOutStatusResponse } from './requests';
 
 describe('requestSessionStatus', () => {
@@ -15,7 +10,7 @@ describe('requestSessionStatus', () => {
   context('session inactive', () => {
     before(() => {
       server = setupServer(
-        rest.get<{}, {}, SessionTimedOutStatusResponse>(STATUS_API_ENDPOINT, (_req, res, ctx) =>
+        rest.get<{}, {}, SessionTimedOutStatusResponse>(SESSIONS_URL, (_req, res, ctx) =>
           res(ctx.json({ live: false, timeout: null })),
         ),
       );
@@ -39,7 +34,7 @@ describe('requestSessionStatus', () => {
     before(() => {
       timeout = new Date(Date.now() + 1000).toISOString();
       server = setupServer(
-        rest.get<{}, {}, SessionLiveStatusResponse>(STATUS_API_ENDPOINT, (_req, res, ctx) =>
+        rest.get<{}, {}, SessionLiveStatusResponse>(SESSIONS_URL, (_req, res, ctx) =>
           res(ctx.json({ live: true, timeout })),
         ),
       );
@@ -60,7 +55,7 @@ describe('requestSessionStatus', () => {
   context('server responds with 401', () => {
     before(() => {
       server = setupServer(
-        rest.get<{}, {}>(STATUS_API_ENDPOINT, (_req, res, ctx) => res(ctx.status(401))),
+        rest.get<{}, {}>(SESSIONS_URL, (_req, res, ctx) => res(ctx.status(401))),
       );
       server.listen();
     });
@@ -79,7 +74,7 @@ describe('requestSessionStatus', () => {
   context('server responds with 500', () => {
     before(() => {
       server = setupServer(
-        rest.get<{}, {}>(STATUS_API_ENDPOINT, (_req, res, ctx) => res(ctx.status(500))),
+        rest.get<{}, {}>(SESSIONS_URL, (_req, res, ctx) => res(ctx.status(500))),
       );
       server.listen();
     });
@@ -102,7 +97,7 @@ describe('extendSession', () => {
 
     before(() => {
       server = setupServer(
-        rest.post<{}, {}, SessionLiveStatusResponse>(KEEP_ALIVE_API_ENDPOINT, (_req, res, ctx) =>
+        rest.put<{}, {}, SessionLiveStatusResponse>(SESSIONS_URL, (_req, res, ctx) =>
           res(ctx.json({ live: true, timeout })),
         ),
       );
@@ -123,7 +118,7 @@ describe('extendSession', () => {
   context('server responds with 401', () => {
     before(() => {
       server = setupServer(
-        rest.post<{}, {}>(KEEP_ALIVE_API_ENDPOINT, (_req, res, ctx) => res(ctx.status(401))),
+        rest.put<{}, {}>(SESSIONS_URL, (_req, res, ctx) => res(ctx.status(401))),
       );
       server.listen();
     });
@@ -142,7 +137,7 @@ describe('extendSession', () => {
   context('server responds with 500', () => {
     before(() => {
       server = setupServer(
-        rest.post<{}, {}>(KEEP_ALIVE_API_ENDPOINT, (_req, res, ctx) => res(ctx.status(500))),
+        rest.put<{}, {}>(SESSIONS_URL, (_req, res, ctx) => res(ctx.status(500))),
       );
       server.listen();
     });
diff --git a/app/javascript/packages/session/requests.ts b/app/javascript/packages/session/requests.ts
index 8165ad24976..dc088da40b4 100644
--- a/app/javascript/packages/session/requests.ts
+++ b/app/javascript/packages/session/requests.ts
@@ -52,8 +52,7 @@ interface SessionTimedOutStatus {
 
 export type SessionStatus = SessionLiveStatus | SessionTimedOutStatus;
 
-export const STATUS_API_ENDPOINT = '/active';
-export const KEEP_ALIVE_API_ENDPOINT = '/sessions/keepalive';
+export const SESSIONS_URL = '/api/internal/sessions';
 
 function mapSessionStatusResponse<R extends SessionLiveStatusResponse>(
   response: R,
@@ -87,7 +86,7 @@ function handleUnauthorizedStatusResponse(error: ResponseError) {
  * @return A promise resolving to the current session status
  */
 export const requestSessionStatus = (): Promise<SessionStatus> =>
-  request<SessionStatusResponse>(STATUS_API_ENDPOINT)
+  request<SessionStatusResponse>(SESSIONS_URL)
     .catch(handleUnauthorizedStatusResponse)
     .then(mapSessionStatusResponse);
 
@@ -98,6 +97,6 @@ export const requestSessionStatus = (): Promise<SessionStatus> =>
  * @return A promise resolving to the updated session status.
  */
 export const extendSession = (): Promise<SessionStatus> =>
-  request<SessionStatusResponse>(KEEP_ALIVE_API_ENDPOINT, { method: 'POST' })
+  request<SessionStatusResponse>(SESSIONS_URL, { method: 'PUT' })
     .catch(handleUnauthorizedStatusResponse)
     .then(mapSessionStatusResponse);
diff --git a/app/javascript/packs/document-capture.tsx b/app/javascript/packs/document-capture.tsx
index 2e1dd7f7361..3c00f6f3dfa 100644
--- a/app/javascript/packs/document-capture.tsx
+++ b/app/javascript/packs/document-capture.tsx
@@ -14,8 +14,8 @@ import {
 import { isCameraCapableMobile } from '@18f/identity-device';
 import { FlowContext } from '@18f/identity-verify-flow';
 import { trackEvent as baseTrackEvent } from '@18f/identity-analytics';
-import type { FlowPath, DeviceContextValue } from '@18f/identity-document-capture';
 import { extendSession } from '@18f/identity-session';
+import type { FlowPath, DeviceContextValue } from '@18f/identity-document-capture';
 
 /**
  * @see MarketingSiteContextProvider
diff --git a/app/javascript/packs/session-timeout-ping.ts b/app/javascript/packs/session-timeout-ping.ts
index 7765be26f82..339ce097c86 100644
--- a/app/javascript/packs/session-timeout-ping.ts
+++ b/app/javascript/packs/session-timeout-ping.ts
@@ -4,22 +4,6 @@ import type { SessionStatus } from '@18f/identity-session';
 import type { CountdownElement } from '@18f/identity-countdown/countdown-element';
 import type { ModalElement } from '@18f/identity-modal';
 
-interface NewRelicAgent {
-  /**
-   * Log page action to New Relic.
-   */
-  addPageAction: (name: string, attributes: object) => void;
-}
-
-interface NewRelicGlobals {
-  /**
-   * New Relic agent
-   */
-  newrelic?: NewRelicAgent;
-}
-
-type LoginGovGlobal = typeof window & NewRelicGlobals;
-
 const warningEl = document.getElementById('session-timeout-cntnr');
 
 const defaultTime = '60';
@@ -27,30 +11,16 @@ const defaultTime = '60';
 const frequency = parseInt(warningEl?.dataset.frequency || defaultTime, 10) * 1000;
 const warning = parseInt(warningEl?.dataset.warning || defaultTime, 10) * 1000;
 const start = parseInt(warningEl?.dataset.start || defaultTime, 10) * 1000;
-const timeoutUrl = warningEl?.dataset.timeoutUrl;
-const initialTime = new Date();
+const timeoutUrl = warningEl?.dataset.timeoutUrl!;
 
 const modal = document.querySelector<ModalElement>('lg-modal.session-timeout-modal')!;
 const keepaliveEl = document.getElementById('session-keepalive-btn');
 const countdownEls: NodeListOf<CountdownElement> = modal.querySelectorAll('lg-countdown');
 
-function notifyNewRelic(error, actionName) {
-  (window as LoginGovGlobal).newrelic?.addPageAction('Session Ping Error', {
-    action_name: actionName,
-    time_elapsed_ms: new Date().valueOf() - initialTime.valueOf(),
-    error: error.message,
-  });
-}
-
-function handleTimeout(redirectURL: string) {
-  window.dispatchEvent(new window.CustomEvent('lg:session-timeout'));
-  forceRedirect(redirectURL);
-}
-
 function success({ isLive, timeout }: SessionStatus) {
   if (!isLive) {
     if (timeoutUrl) {
-      handleTimeout(timeoutUrl);
+      forceRedirect(timeoutUrl);
     }
     return;
   }
@@ -65,25 +35,20 @@ function success({ isLive, timeout }: SessionStatus) {
     });
   }
 
-  if (timeRemaining > 0 && timeRemaining < frequency) {
-    // Disable reason: circular dependency between ping and success
-    // eslint-disable-next-line @typescript-eslint/no-use-before-define
-    setTimeout(ping, timeRemaining);
-  }
-}
-
-function ping() {
-  requestSessionStatus()
-    .then(success)
-    .catch((error) => notifyNewRelic(error, 'ping'));
+  const nextPingTimeout =
+    timeRemaining > 0 && timeRemaining < frequency ? timeRemaining : frequency;
 
-  setTimeout(ping, frequency);
+  // Disable reason: circular dependency between ping and success
+  // eslint-disable-next-line @typescript-eslint/no-use-before-define
+  setTimeout(ping, nextPingTimeout);
 }
 
+const ping = () => requestSessionStatus().then(success);
+
 function keepalive() {
   modal.hide();
   countdownEls.forEach((countdownEl) => countdownEl.stop());
-  extendSession().catch((error) => notifyNewRelic(error, 'keepalive'));
+  extendSession();
 }
 
 keepaliveEl?.addEventListener('click', keepalive, false);
diff --git a/app/mailers/report_mailer.rb b/app/mailers/report_mailer.rb
index 584b460d783..aacd9d463e9 100644
--- a/app/mailers/report_mailer.rb
+++ b/app/mailers/report_mailer.rb
@@ -16,4 +16,9 @@ def system_demand_report(email:, data:, name:)
     attachments['system_demand.csv'] = data
     mail(to: email, subject: t('report_mailer.system_demand_report.subject'))
   end
+
+  def warn_error(email:, error:, env: Rails.env)
+    @error = error
+    mail(to: email, subject: "[#{env}] identity-idp error: #{error.class.name}")
+  end
 end
diff --git a/app/models/profile.rb b/app/models/profile.rb
index e0a408ada17..690c48a9936 100644
--- a/app/models/profile.rb
+++ b/app/models/profile.rb
@@ -92,6 +92,7 @@ def activate_after_passing_review
   def activate_after_passing_in_person
     update!(
       deactivation_reason: nil,
+      fraud_review_pending_at: nil,
     )
     activate
   end
diff --git a/app/services/analytics_events.rb b/app/services/analytics_events.rb
index 9f6bd0551c9..f4e23b1d289 100644
--- a/app/services/analytics_events.rb
+++ b/app/services/analytics_events.rb
@@ -751,6 +751,7 @@ def idv_doc_auth_submitted_image_upload_form(
   # @param [Integer] remaining_attempts
   # @param [Hash] client_image_metrics
   # @param [String] flow_path
+  # @param [Float] vendor_request_time_in_ms Time it took to upload images & get a response.
   # The document capture image was uploaded to vendor during the IDV process
   def idv_doc_auth_submitted_image_upload_vendor(
     success:,
@@ -764,6 +765,7 @@ def idv_doc_auth_submitted_image_upload_vendor(
     flow_path:,
     billed: nil,
     doc_auth_result: nil,
+    vendor_request_time_in_ms: nil,
     **extra
   )
     track_event(
@@ -780,6 +782,7 @@ def idv_doc_auth_submitted_image_upload_vendor(
       remaining_attempts: remaining_attempts,
       client_image_metrics: client_image_metrics,
       flow_path: flow_path,
+      vendor_request_time_in_ms: vendor_request_time_in_ms,
       **extra,
     )
   end
@@ -3366,14 +3369,12 @@ def show_password_button_clicked(path:, **extra)
 
   # @param [String] flash
   # @param [String] stored_location
-  # @param [String] sign_in_a_b_test_bucket
   # tracks when a user visits the sign in page
-  def sign_in_page_visit(flash:, stored_location:, sign_in_a_b_test_bucket:, **extra)
+  def sign_in_page_visit(flash:, stored_location:, **extra)
     track_event(
       'Sign in page visited',
       flash: flash,
       stored_location: stored_location,
-      sign_in_a_b_test_bucket:,
       **extra,
     )
   end
@@ -3583,18 +3584,23 @@ def user_marked_authed(authentication_type:, **extra)
 
   # User was shown an "Are you sure you want to navigate away from this page?" message from their
   # browser (via onbeforeunload). (This is a frontend event.)
-  def user_prompted_before_navigation
+  # @param [String] path Path where this event was encountered.
+  def user_prompted_before_navigation(path:, **extra)
     track_event(
       'User prompted before navigation',
+      path: path,
+      **extra,
     )
   end
 
   # User was shown an "Are you sure you want to navigate away from this page?" prompt via
   # onbeforeunload and was still on the page <seconds> later. (This is a frontend event.)
+  # @param [String] path Path where this event was encountered.
   # @param [Integer] seconds Amount of time user has been on page since prompt.
-  def user_prompted_before_navigation_and_still_on_page(seconds:, **extra)
+  def user_prompted_before_navigation_and_still_on_page(path:, seconds:, **extra)
     track_event(
       'User prompted before navigation and still on page',
+      path: path,
       seconds: seconds,
       **extra,
     )
@@ -3716,7 +3722,6 @@ def user_registration_cancellation(request_came_from:, **extra)
   # @param [String] service_provider_name
   # @param [String] page_occurence
   # @param [String] needs_completion_screen_reason
-  # @param [String] sign_in_a_b_test_bucket
   # @param [Array] sp_request_requested_attributes
   # @param [Array] sp_session_requested_attributes
   def user_registration_complete(
@@ -3724,7 +3729,6 @@ def user_registration_complete(
     service_provider_name:,
     page_occurence:,
     needs_completion_screen_reason:,
-    sign_in_a_b_test_bucket:,
     sp_session_requested_attributes:,
     sp_request_requested_attributes: nil,
     ialmax: nil,
@@ -3737,7 +3741,6 @@ def user_registration_complete(
       service_provider_name: service_provider_name,
       page_occurence: page_occurence,
       needs_completion_screen_reason: needs_completion_screen_reason,
-      sign_in_a_b_test_bucket:,
       sp_request_requested_attributes: sp_request_requested_attributes,
       sp_session_requested_attributes: sp_session_requested_attributes,
       **extra,
@@ -3797,15 +3800,8 @@ def user_registration_email_confirmation(
   end
 
   # Tracks when user visits enter email page
-  # @param [String] sign_in_a_b_test_bucket
-  # @param [Boolean] from_sign_in
-  def user_registration_enter_email_visit(sign_in_a_b_test_bucket:, from_sign_in:, **extra)
-    track_event(
-      'User Registration: enter email visited',
-      sign_in_a_b_test_bucket:,
-      from_sign_in:,
-      **extra,
-    )
+  def user_registration_enter_email_visit
+    track_event('User Registration: enter email visited')
   end
 
   # @param [Boolean] success
diff --git a/app/services/idv/session.rb b/app/services/idv/session.rb
index 4f1d086f877..3b871a5caf3 100644
--- a/app/services/idv/session.rb
+++ b/app/services/idv/session.rb
@@ -5,6 +5,7 @@ class Session
       applicant
       go_back_path
       verify_info_step_document_capture_session_uuid
+      idv_consent_given
       idv_phone_step_document_capture_session_uuid
       vendor_phone_confirmation
       user_phone_confirmation
diff --git a/app/services/idv/steps/welcome_step.rb b/app/services/idv/steps/welcome_step.rb
index 9aca9f8d1af..5adfe444d35 100644
--- a/app/services/idv/steps/welcome_step.rb
+++ b/app/services/idv/steps/welcome_step.rb
@@ -16,6 +16,8 @@ def call
 
         create_document_capture_session(document_capture_session_uuid_key)
         cancel_previous_in_person_enrollments
+
+        redirect_to idv_agreement_url if IdentityConfig.store.doc_auth_agreement_controller_enabled
       end
 
       private
diff --git a/app/services/service_provider_seeder.rb b/app/services/service_provider_seeder.rb
index fee5f47d928..cfe816c2732 100644
--- a/app/services/service_provider_seeder.rb
+++ b/app/services/service_provider_seeder.rb
@@ -80,6 +80,12 @@ def check_for_missing_sps
     extra_sp_error = ExtraServiceProviderError.new(
       "Extra service providers found in DB: #{extra_sps.join(', ')}",
     )
-    NewRelic::Agent.notice_error(extra_sp_error)
+
+    if IdentityConfig.store.team_ursula_email.present?
+      ReportMailer.warn_error(
+        email: IdentityConfig.store.team_ursula_email,
+        error: extra_sp_error,
+      ).deliver_now_or_later
+    end
   end
 end
diff --git a/app/views/devise/sessions/new.html.erb b/app/views/devise/sessions/new.html.erb
index ef47fbf82f6..6492c7f8c6f 100644
--- a/app/views/devise/sessions/new.html.erb
+++ b/app/views/devise/sessions/new.html.erb
@@ -10,22 +10,18 @@
 
 <% if decorated_session.sp_name %>
   <%= render 'sign_up/registrations/sp_registration_heading' %>
-<% elsif @sign_in_a_b_test_bucket != :tabbed %>
-  <%= render PageHeadingComponent.new.with_content(decorated_session.new_session_heading) %>
 <% end %>
 
-<% if @sign_in_a_b_test_bucket == :tabbed %>
-  <%= render TabNavigationComponent.new(
-        label: t('account.login.tab_navigation'),
-        routes: [
-          { text: t('links.next'), path: new_user_session_url },
-          { text: t('links.create_account'), path: sign_up_email_url(source: :sign_in) },
-        ],
-        class: 'margin-bottom-4',
-      ) %>
+<%= render TabNavigationComponent.new(
+      label: t('account.login.tab_navigation'),
+      routes: [
+        { text: t('links.next'), path: new_user_session_url },
+        { text: t('links.create_account'), path: sign_up_email_url },
+      ],
+      class: 'margin-bottom-4',
+    ) %>
 
-  <%= render PageHeadingComponent.new.with_content(t('headings.sign_in_existing_users')) %>
-<% end %>
+<%= render PageHeadingComponent.new.with_content(t('headings.sign_in_existing_users')) %>
 
 <%= render 'shared/sp_alert', section: 'sign_in' %>
 
@@ -54,11 +50,6 @@
         },
       ) %>
   <%= f.submit t('links.next'), full_width: true, wide: false %>
-  <% if @sign_in_a_b_test_bucket == :default %>
-    <div class="margin-top-4 margin-bottom-2">
-      <%= render 'shared/create_account_banner' %>
-    </div>
-  <% end %>
 <% end %>
 <% if @ial && desktop_device? %>
   <div class='margin-x-neg-1 margin-top-205'>
diff --git a/app/views/idv/agreement/show.html.erb b/app/views/idv/agreement/show.html.erb
new file mode 100644
index 00000000000..c36663e1131
--- /dev/null
+++ b/app/views/idv/agreement/show.html.erb
@@ -0,0 +1,64 @@
+<% title t('doc_auth.headings.lets_go') %>
+
+<% content_for(:pre_flash_content) do %>
+  <%= render StepIndicatorComponent.new(
+        steps: Idv::Flows::DocAuthFlow::STEP_INDICATOR_STEPS,
+        current_step: :getting_started,
+        locale_scope: 'idv',
+        class: 'margin-x-neg-2 margin-top-neg-4 tablet:margin-x-neg-6 tablet:margin-top-neg-4',
+      ) %>
+<% end %>
+
+<%= render AlertComponent.new(
+      type: :error,
+      class: [
+        'js-consent-form-alert',
+        'margin-bottom-4',
+        flow_session[:error_message].blank? && 'display-none',
+      ].select(&:present?),
+      message: flow_session[:error_message].presence || t('errors.doc_auth.consent_form'),
+    ) %>
+
+<%= render PageHeadingComponent.new.with_content(t('doc_auth.headings.lets_go')) %>
+<p><%= t('doc_auth.info.lets_go') %></p>
+<h2><%= t('doc_auth.headings.verify_identity') %></h2>
+<p><%= t('doc_auth.info.verify_identity') %></p>
+<h2><%= t('doc_auth.headings.secure_account') %></h2>
+<p><%= t('doc_auth.info.secure_account') %></p>
+
+<%= simple_form_for(
+      :doc_auth,
+      url: url_for,
+      method: 'put',
+      html: { autocomplete: 'off', class: 'margin-top-2 margin-bottom-5 js-consent-continue-form' },
+    ) do |f| %>
+  <%= render ClickObserverComponent.new(event_name: 'IdV: consent checkbox toggled') do %>
+    <%= render ValidatedFieldComponent.new(
+          form: f,
+          name: :ial2_consent_given,
+          as: :boolean,
+          label: t('doc_auth.instructions.consent', app_name: APP_NAME),
+          required: true,
+        ) %>
+  <% end %>
+  <p class="margin-top-2">
+    <%= new_tab_link_to(
+          t('doc_auth.instructions.learn_more'),
+          policy_redirect_url(flow: :idv, step: :agreement, location: :consent),
+        ) %>
+  </p>
+  <div class="margin-top-4">
+    <%= render(
+          SpinnerButtonComponent.new(
+            type: :submit,
+            big: true,
+            wide: true,
+            spin_on_click: false,
+          ).with_content(t('doc_auth.buttons.continue')),
+        ) %>
+  </div>
+<% end %>
+
+<%= render 'idv/doc_auth/cancel', step: 'agreement' %>
+
+<%= javascript_packs_tag_once('document-capture-welcome') %>
diff --git a/app/views/idv/hybrid_handoff/show.html.erb b/app/views/idv/hybrid_handoff/show.html.erb
index 70b28b3ed42..3ae349d30da 100644
--- a/app/views/idv/hybrid_handoff/show.html.erb
+++ b/app/views/idv/hybrid_handoff/show.html.erb
@@ -1,4 +1,4 @@
-<% title t('titles.doc_auth.upload') %>
+<% title t('titles.doc_auth.hybrid_handoff') %>
 
 <% content_for(:pre_flash_content) do %>
   <%= render StepIndicatorComponent.new(
@@ -12,11 +12,11 @@
 <%= render 'idv/doc_auth/error_messages', flow_session: flow_session %>
 
 <%= render PageHeadingComponent.new do %>
-  <%= t('doc_auth.headings.upload') %>
+  <%= t('doc_auth.headings.hybrid_handoff') %>
 <% end %>
 
 <p>
-  <%= t('doc_auth.info.upload') %>
+  <%= t('doc_auth.info.hybrid_handoff') %>
 </p>
 
 <div class="grid-row grid-gap grid-gap-2">
diff --git a/app/views/idv/in_person/state_id.html.erb b/app/views/idv/in_person/state_id.html.erb
index 23bc81a9f4e..fed60a92539 100644
--- a/app/views/idv/in_person/state_id.html.erb
+++ b/app/views/idv/in_person/state_id.html.erb
@@ -189,13 +189,16 @@
   <% end %>
   <% if capture_secondary_id_enabled %>
     <div class="tablet:grid-col-8 margin-bottom-5">
+      <%# using :tel for mobile numeric keypad %>
       <%= render ValidatedFieldComponent.new(
-            name: :identity_doc_zipcode,
+            as: :tel,
+            error_messages: { patternMismatch: t('idv.errors.pattern_mismatch.zipcode') },
             form: f,
-            input_html: { value: pii[:identity_doc_zipcode] },
+            input_html: { value: pii[:identity_doc_zipcode], class: 'zipcode' },
             label: t('in_person_proofing.form.state_id.zipcode'),
             label_html: { class: 'usa-label' },
-            maxlength: 255,
+            name: :identity_doc_zipcode,
+            pattern: '\d{5}([\-]\d{4})?',
             required: true,
           ) %>
     </div>
@@ -229,4 +232,4 @@
 <% else %>
   <%= render 'idv/doc_auth/cancel', step: 'state_id' %>
 <% end %>
-<%= javascript_packs_tag_once('puerto-rico-guidance') %>
+<%= javascript_packs_tag_once('formatted-fields', 'puerto-rico-guidance') %>
diff --git a/app/views/idv/in_person/verify_info/show.html.erb b/app/views/idv/in_person/verify_info/show.html.erb
index e62ea772f2f..b2c0c0f82ed 100644
--- a/app/views/idv/in_person/verify_info/show.html.erb
+++ b/app/views/idv/in_person/verify_info/show.html.erb
@@ -26,11 +26,10 @@ locals:
       ) do %>
     <%= t(
           'doc_auth.headings.capture_scan_warning_html',
-          link: render(
-            FormLinkComponent.new(
-              href: idv_doc_auth_step_path(step: :redo_document_capture),
-              method: :put,
-            ).with_content(t('doc_auth.headings.capture_scan_warning_link')),
+          link: link_to(
+            t('doc_auth.headings.capture_scan_warning_link'),
+            idv_hybrid_handoff_url(redo: true),
+            'aria-label': t('doc_auth.headings.capture_scan_warning_link'),
           ),
         ) %>
   <% end %>
diff --git a/app/views/idv/link_sent/show.html.erb b/app/views/idv/link_sent/show.html.erb
index b4a18d20abc..6196ae1a740 100644
--- a/app/views/idv/link_sent/show.html.erb
+++ b/app/views/idv/link_sent/show.html.erb
@@ -57,4 +57,10 @@
   <%= javascript_packs_tag_once 'doc-capture-polling' %>
 <% end %>
 
-<%= render 'idv/shared/back', action: 'cancel_link_sent', class: 'link-sent-back-link', step_url: :idv_doc_auth_step_url %>
+<div class="margin-top-5 padding-top-2 border-top border-primary-light">
+  <%= link_to(
+        '‹ ' + t('forms.buttons.back'),
+        idv_hybrid_handoff_url(redo: true),
+        class: 'link-sent-back-link',
+      ) %>
+</div>
diff --git a/app/views/idv/verify_info/show.html.erb b/app/views/idv/verify_info/show.html.erb
index a0a586f3c27..eab7ca997f5 100644
--- a/app/views/idv/verify_info/show.html.erb
+++ b/app/views/idv/verify_info/show.html.erb
@@ -26,11 +26,10 @@ locals:
       ) do %>
     <%= t(
           'doc_auth.headings.capture_scan_warning_html',
-          link: render(
-            FormLinkComponent.new(
-              href: idv_doc_auth_step_path(step: :redo_document_capture),
-              method: :put,
-            ).with_content(t('doc_auth.headings.capture_scan_warning_link')),
+          link: link_to(
+            t('doc_auth.headings.capture_scan_warning_link'),
+            idv_hybrid_handoff_url(redo: true),
+            'aria-label': t('doc_auth.headings.capture_scan_warning_link'),
           ),
         ) %>
   <% end %>
diff --git a/app/views/layouts/base.html.erb b/app/views/layouts/base.html.erb
index d71a5412a96..2c21d28ea3e 100644
--- a/app/views/layouts/base.html.erb
+++ b/app/views/layouts/base.html.erb
@@ -76,12 +76,6 @@
         class: 'site-wrap bg-primary-lighter',
         id: local_assigns[:user_main_tag] == false ? nil : 'main-content',
       ) do %>
-    <% if @is_on_home_page && @sign_in_a_b_test_bucket == :banner %>
-      <div class="grid-container padding-y-2 card tablet:margin-bottom-1">
-        <%= render 'shared/create_account_banner' %>
-      </div>
-    <% end %>
-
     <div class="grid-container padding-y-4 tablet:padding-y-8 <%= local_assigns[:disable_card].present? ? '' : 'card' %>">
       <%= yield(:pre_flash_content) if content_for?(:pre_flash_content) %>
       <%= render FlashComponent.new(flash: flash) %>
@@ -93,7 +87,6 @@
   <% if current_user %>
     <%= render partial: 'session_timeout/ping',
                locals: {
-                 timeout_url: timeout_url,
                  warning: session_timeout_warning,
                  start: session_timeout_start,
                  frequency: session_timeout_frequency,
diff --git a/app/views/report_mailer/warn_error.text.erb b/app/views/report_mailer/warn_error.text.erb
new file mode 100644
index 00000000000..d114ae14356
--- /dev/null
+++ b/app/views/report_mailer/warn_error.text.erb
@@ -0,0 +1,5 @@
+**Error**:
+<%= @error.class.name %>
+
+**Message**:
+<%= @error.message %>
diff --git a/app/views/session_timeout/_ping.html.erb b/app/views/session_timeout/_ping.html.erb
index 216fb756632..9c600645c3d 100644
--- a/app/views/session_timeout/_ping.html.erb
+++ b/app/views/session_timeout/_ping.html.erb
@@ -1,6 +1,6 @@
 <%= tag.div id: 'session-timeout-cntnr',
             data: {
-              timeout_url: timeout_url,
+              timeout_url: new_user_session_url(timeout: :session, request_id: sp_session[:request_id]),
               warning: warning,
               start: start,
               frequency: frequency,
diff --git a/app/views/shared/_create_account_banner.html.erb b/app/views/shared/_create_account_banner.html.erb
deleted file mode 100644
index 2badae27fff..00000000000
--- a/app/views/shared/_create_account_banner.html.erb
+++ /dev/null
@@ -1,10 +0,0 @@
-<h2 class='separator-text'>
-    <%= t('headings.create_account_with_sp.cta', app_name: APP_NAME) %>
-</h2>
-<%= render ButtonComponent.new(
-      action: ->(**tag_options, &block) { link_to(sign_up_email_url(source: :sign_in), **tag_options, &block) },
-      big: true,
-      outline: true,
-      full_width: true,
-      class: 'margin-bottom-105',
-    ).with_content(t('links.create_account')) %>
diff --git a/app/views/shared/_email_languages.html.erb b/app/views/shared/_email_languages.html.erb
index 0f7cfb77774..90d3933a19b 100644
--- a/app/views/shared/_email_languages.html.erb
+++ b/app/views/shared/_email_languages.html.erb
@@ -19,17 +19,21 @@ locals:
         ),
       ),
       collection: I18n.available_locales.map do |locale|
+        label = locale == I18n.locale ?
+          t('account.email_language.default', language: t("i18n.locale.#{locale}")) :
+          t("i18n.locale.#{locale}")
+
         [
           content_tag(
             :span,
-            locale == I18n.locale ?
-              t('account.email_language.default', language: t("i18n.locale.#{locale}")) :
-              t("i18n.locale.#{locale}"),
+            label,
             lang: locale,
+            aria: { hidden: true },
           ),
           locale,
           checked: selection ? selection.to_s == locale.to_s : I18n.locale.to_s == locale.to_s,
           lang: locale,
+          aria: { label: label },
         ]
       end,
     ) %>
diff --git a/app/views/sign_up/registrations/new.html.erb b/app/views/sign_up/registrations/new.html.erb
index 50c4a104b94..3c6e816de19 100644
--- a/app/views/sign_up/registrations/new.html.erb
+++ b/app/views/sign_up/registrations/new.html.erb
@@ -2,24 +2,20 @@
 
 <%= render 'shared/sp_alert', section: 'sign_up' %>
 
-<% if @sign_in_a_b_test_bucket == :tabbed %>
-  <% if decorated_session.sp_name %>
-    <%= render 'sign_up/registrations/sp_registration_heading' %>
-  <% end %>
+<% if decorated_session.sp_name %>
+  <%= render 'sign_up/registrations/sp_registration_heading' %>
+<% end %>
 
-  <%= render TabNavigationComponent.new(
-        label: t('account.login.tab_navigation'),
-        routes: [
-          { text: t('links.next'), path: new_user_session_url },
-          { text: t('links.create_account'), path: sign_up_email_path },
-        ],
-        class: 'margin-bottom-4',
-      ) %>
+<%= render TabNavigationComponent.new(
+      label: t('account.login.tab_navigation'),
+      routes: [
+        { text: t('links.next'), path: new_user_session_url },
+        { text: t('links.create_account'), path: sign_up_email_path },
+      ],
+      class: 'margin-bottom-4',
+    ) %>
 
-  <%= render PageHeadingComponent.new.with_content(t('headings.create_account_new_users')) %>
-<% else %>
-  <%= render PageHeadingComponent.new.with_content(t('titles.registrations.new')) %>
-<% end %>
+<%= render PageHeadingComponent.new.with_content(t('headings.create_account_new_users')) %>
 
 <%= simple_form_for(
       @register_user_email_form,
diff --git a/config/application.yml.default b/config/application.yml.default
index 115f01794eb..6d7010a08e2 100644
--- a/config/application.yml.default
+++ b/config/application.yml.default
@@ -87,6 +87,7 @@ doc_capture_polling_enabled: true
 doc_auth_client_glare_threshold: 50
 doc_auth_client_sharpness_threshold: 50
 doc_auth_s3_request_timeout: 5
+doc_auth_agreement_controller_enabled: false
 doc_auth_error_dpi_threshold: 290
 doc_auth_error_glare_threshold: 40
 doc_auth_error_sharpness_threshold: 40
@@ -320,11 +321,11 @@ session_total_duration_timeout_in_minutes: 720
 ses_configuration_set_name: ''
 set_remember_device_session_expiration: false
 sign_up_mfa_selection_order_testing: '{ "default": 100, "authentication_app_priority": 0, "usability_priority": 0 }'
-sign_in_a_b_testing: '{ "default": 100,"tabbed" :0, "banner": 0 } '
 sp_handoff_bounce_max_seconds: 2
 show_user_attribute_deprecation_warnings: false
 otp_min_attempts_remaining_warning_count: 3
 system_demand_report_email: 'foo@bar.com'
+team_ursula_email: ''
 test_ssn_allowed_list: ''
 totp_code_interval: 30
 unauthorized_scope_enabled: false
diff --git a/config/database.yml b/config/database.yml
index 0ecc4244307..45e1d71276b 100644
--- a/config/database.yml
+++ b/config/database.yml
@@ -1,5 +1,5 @@
 postgresql: &postgresql
-  adapter: postgresql
+  adapter: postgis
   encoding: utf8
   database: identity_idp_<%= Rails.env %>
   port: 5432
diff --git a/config/initializers/ab_tests.rb b/config/initializers/ab_tests.rb
index 1c0502f8558..8230fd81f42 100644
--- a/config/initializers/ab_tests.rb
+++ b/config/initializers/ab_tests.rb
@@ -19,11 +19,6 @@ module AbTests
     },
   )
 
-  SIGN_IN = AbTestBucket.new(
-    experiment_name: 'Sign In Experience',
-    buckets: IdentityConfig.store.sign_in_a_b_testing,
-  )
-
   def self.in_person_cta_variant_testing_buckets
     buckets = Hash.new
     percents = IdentityConfig.store.in_person_cta_variant_testing_percents
diff --git a/config/locales/doc_auth/en.yml b/config/locales/doc_auth/en.yml
index bf194a585a2..ecdd6b9a2aa 100644
--- a/config/locales/doc_auth/en.yml
+++ b/config/locales/doc_auth/en.yml
@@ -111,6 +111,7 @@ en:
       document_capture_back: Back of your ID
       document_capture_front: Front of your ID
       front: Front
+      hybrid_handoff: How would you like to add your ID?
       interstitial: We are processing your images
       lets_go: How verifying your identity works
       review_issues: Check your images and try again
@@ -118,7 +119,6 @@ en:
       ssn: Enter your Social Security number
       ssn_update: Update your Social Security number
       text_message: We sent a message to your phone
-      upload: How would you like to add your ID?
       upload_from_computer: Continue on this computer
       upload_from_phone: Use your phone to take photos
       verify_identity: Verify your identity
@@ -144,6 +144,7 @@ en:
       document_capture_intro_acknowledgment: We’ll collect information about you by
         reading your state‑issued ID. We use this information to verify your
         identity.
+      hybrid_handoff: We’ll collect information about you by reading your state‑issued ID.
       image_loaded: Image loaded
       image_loading: Image loading
       image_updated: Image updated
@@ -168,7 +169,6 @@ en:
       ssn: We need your Social Security number to verify your name, date of birth and
         address.
       tag: Recommended
-      upload: We’ll collect information about you by reading your state‑issued ID.
       upload_from_computer: Don’t have a phone? Upload photos of your ID from this computer.
       upload_from_phone: You won’t have to sign in again, and you’ll switch back to
         this computer after you take photos. Your mobile phone must have a
diff --git a/config/locales/doc_auth/es.yml b/config/locales/doc_auth/es.yml
index f55a4c0239a..177e403e01e 100644
--- a/config/locales/doc_auth/es.yml
+++ b/config/locales/doc_auth/es.yml
@@ -136,6 +136,7 @@ es:
       document_capture_back: Parte trasera de su documento de identidad
       document_capture_front: Parte delantera de su documento de identidad
       front: Parte Delantera
+      hybrid_handoff: '¿Cómo desea añadir su documento de identidad?'
       interstitial: Estamos procesando sus imágenes
       lets_go: Cómo funciona la verificación de su identidad
       review_issues: Revise sus imágenes e inténtelo de nuevo
@@ -143,7 +144,6 @@ es:
       ssn: Ingresa tu número de Seguro Social
       ssn_update: Actualice su número de Seguro Social
       text_message: Enviamos un mensaje a su teléfono
-      upload: '¿Cómo desea añadir su documento de identidad?'
       upload_from_computer: Continuar en esta computadora
       upload_from_phone: Utilice su teléfono para tomar las fotos
       verify_identity: Verifique su identidad
@@ -172,6 +172,8 @@ es:
       document_capture_intro_acknowledgment: Recopilaremos información sobre usted
         leyendo su documento de identidad expedido por el Estado. Usamos esta
         información para verificar su identidad.
+      hybrid_handoff: Recopilaremos información sobre usted leyendo su documento de
+        identidad expedido por el estado.
       image_loaded: Imagen cargada
       image_loading: Cargando la imagen
       image_updated: Imagen actualizada
@@ -199,8 +201,6 @@ es:
       ssn: Necesitamos tu número de Seguro Social para validar tu nombre, fecha de
         nacimiento y dirección.
       tag: Recomendado
-      upload: Recopilaremos información sobre usted leyendo su documento de identidad
-        expedido por el estado.
       upload_from_computer: ¿No tiene teléfono? Suba fotos de su documento de
         identidad desde esta computadora.
       upload_from_phone: No tendrá que volver a iniciar sesión y volverá a cambiar a
diff --git a/config/locales/doc_auth/fr.yml b/config/locales/doc_auth/fr.yml
index 6d8804acb5a..a6271df9141 100644
--- a/config/locales/doc_auth/fr.yml
+++ b/config/locales/doc_auth/fr.yml
@@ -142,6 +142,7 @@ fr:
       document_capture_back: Verso de votre carte d’identité
       document_capture_front: Recto de votre carte d’identité
       front: Recto
+      hybrid_handoff: Comment voulez-vous ajouter votre identifiant ?
       interstitial: Nous traitons vos images
       lets_go: Comment fonctionne la vérification de votre identité
       review_issues: Vérifiez vos images et essayez à nouveau
@@ -149,7 +150,6 @@ fr:
       ssn: Saisissez votre numéro de sécurité sociale
       ssn_update: Mettre à jour votre numéro de Sécurité Sociale
       text_message: Nous avons envoyé un message à votre téléphone
-      upload: Comment voulez-vous ajouter votre identifiant ?
       upload_from_computer: Continuer sur cet ordinateur
       upload_from_phone: Utilisez votre téléphone pour prendre des photos
       verify_identity: Vérifier votre identité
@@ -177,6 +177,8 @@ fr:
       document_capture_intro_acknowledgment: Nous recueillons des informations sur
         vous en lisant votre pièce d’identité délivrée par l’État. Nous
         utilisons ces informations pour vérifier votre identité.
+      hybrid_handoff: Nous recueillons des informations sur vous en lisant votre carte
+        d’identité délivrée par l’État.
       image_loaded: Image chargée
       image_loading: Chargement de l’image
       image_updated: Image mise à jour
@@ -206,8 +208,6 @@ fr:
       ssn: Nous avons besoin de votre numéro de sécurité sociale pour vérifier votre
         nom, date de naissance et adresse.
       tag: Recommandation
-      upload: Nous recueillons des informations sur vous en lisant votre carte
-        d’identité délivrée par l’État.
       upload_from_computer: Vous n’avez pas de téléphone ? Téléchargez les photos de
         votre carte d’identité depuis cet ordinateur.
       upload_from_phone: Vous n’aurez pas à vous reconnecter. Vous reviendrez sur cet
diff --git a/config/locales/headings/en.yml b/config/locales/headings/en.yml
index 4de2f26bb75..0a200f65ba2 100644
--- a/config/locales/headings/en.yml
+++ b/config/locales/headings/en.yml
@@ -24,7 +24,6 @@ en:
       new: Send another confirmation email
     create_account_new_users: Create an account for new users
     create_account_with_sp:
-      cta: First time using %{app_name}?
       sp_text: is using %{app_name} to allow you to sign in to your account safely and
         securely.
     edit_info:
diff --git a/config/locales/headings/es.yml b/config/locales/headings/es.yml
index e46608025c5..f876a645e9f 100644
--- a/config/locales/headings/es.yml
+++ b/config/locales/headings/es.yml
@@ -24,7 +24,6 @@ es:
       new: Enviar otro email de confirmación
     create_account_new_users: Crear una cuenta para usuarios nuevos
     create_account_with_sp:
-      cta: '¿Es la primera vez que utiliza %{app_name}?'
       sp_text: está utilizando %{app_name} para permitirle iniciar sesión en su cuenta
         de forma segura.
     edit_info:
diff --git a/config/locales/headings/fr.yml b/config/locales/headings/fr.yml
index bbb66734b05..8d34aea7712 100644
--- a/config/locales/headings/fr.yml
+++ b/config/locales/headings/fr.yml
@@ -24,7 +24,6 @@ fr:
       new: Envoyer un autre courriel de confirmation
     create_account_new_users: Créer un compte pour les nouveaux utilisateurs
     create_account_with_sp:
-      cta: Première fois que vous utilisez %{app_name}?
       sp_text: utilise %{app_name} pour vous permettre de vous connecter à votre
         compte de façon sûre et sécurisée.
     edit_info:
diff --git a/config/locales/titles/en.yml b/config/locales/titles/en.yml
index 70a7f7aa22e..87d7f0db36e 100644
--- a/config/locales/titles/en.yml
+++ b/config/locales/titles/en.yml
@@ -12,11 +12,11 @@ en:
     doc_auth:
       address: Update your mailing address
       doc_capture: Add your ID
+      hybrid_handoff: Verify your ID
       link_sent: Link sent
       processing_images: Processing your images
       ssn: Enter your Social Security number
       switch_back: Switch back to your computer
-      upload: Verify your ID
       verify: Verify your identity
     edit_info:
       email_language: Edit email language preference
diff --git a/config/locales/titles/es.yml b/config/locales/titles/es.yml
index f98580f21fa..f56a3424207 100644
--- a/config/locales/titles/es.yml
+++ b/config/locales/titles/es.yml
@@ -12,11 +12,11 @@ es:
     doc_auth:
       address: Actualice su dirección postal
       doc_capture: Agrega tu identificación
+      hybrid_handoff: Verifica tu identificación
       link_sent: Enlace enviado
       processing_images: Procesando tus imágenes
       ssn: Ingresa tu número del seguro social
       switch_back: Regresar a tu computadora
-      upload: Verifica tu identificación
       verify: Verifica tu identidad
     edit_info:
       email_language: Editar la preferencia de idioma del correo electrónico
diff --git a/config/locales/titles/fr.yml b/config/locales/titles/fr.yml
index f5abb22876f..edb0ced0138 100644
--- a/config/locales/titles/fr.yml
+++ b/config/locales/titles/fr.yml
@@ -12,11 +12,11 @@ fr:
     doc_auth:
       address: Mettez à jour votre adresse postale
       doc_capture: Ajoutez votre pièce d’identité
+      hybrid_handoff: Vérifiez votre pièce d’identité
       link_sent: Lien envoyé
       processing_images: Traitement de vos images
       ssn: Entrez votre numéro de sécurité sociale
       switch_back: Retournez sur votre ordinateur
-      upload: Vérifiez votre pièce d’identité
       verify: Vérifiez votre identité
     edit_info:
       email_language: Modifier la préférence de langue des e-mails
diff --git a/config/routes.rb b/config/routes.rb
index 199afb9cf5e..4db943f727f 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -17,7 +17,6 @@
     namespace :internal do
       get '/sessions' => 'sessions#show'
       put '/sessions' => 'sessions#update'
-      delete '/sessions' => 'sessions#destroy'
     end
   end
 
@@ -330,6 +329,8 @@
       post '/personal_key' => 'personal_key#update'
       get '/forgot_password' => 'forgot_password#new'
       post '/forgot_password' => 'forgot_password#update'
+      get '/agreement' => 'agreement#show'
+      put '/agreement' => 'agreement#update'
       get '/document_capture' => 'document_capture#show'
       put '/document_capture' => 'document_capture#update'
       # This route is included in SMS messages sent to users who start the IdV hybrid flow. It
diff --git a/db/primary_migrate/20230518221444_add_postgis_extension_to_database.rb b/db/primary_migrate/20230518221444_add_postgis_extension_to_database.rb
new file mode 100644
index 00000000000..3e8476ebf8d
--- /dev/null
+++ b/db/primary_migrate/20230518221444_add_postgis_extension_to_database.rb
@@ -0,0 +1,5 @@
+class AddPostgisExtensionToDatabase < ActiveRecord::Migration[7.0]
+  def change
+    enable_extension 'postgis'
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 0443b612784..09edb4958d7 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -15,6 +15,7 @@
   enable_extension "pg_stat_statements"
   enable_extension "pgcrypto"
   enable_extension "plpgsql"
+  enable_extension "postgis"
 
   create_table "account_reset_requests", force: :cascade do |t|
     t.integer "user_id", null: false
diff --git a/docs/local-development.md b/docs/local-development.md
index 175d0bd6a86..b4f786bb35c 100644
--- a/docs/local-development.md
+++ b/docs/local-development.md
@@ -23,6 +23,8 @@ If not using macOS:
     - [rbenv](https://github.com/rbenv/rbenv) (lets you install and switch between different versions of Ruby)
     - Ruby. Choose the version [in the `.ruby-version` file](../.ruby-version)
     - [PostgreSQL](http://www.postgresql.org/download/)
+    - [PostGIS](https://postgis.net/documentation/getting_started/#installing-postgis)
+        - Note: if you run into errors installing `postgis` or creating the databse, check [the troubleshooting docs](./troubleshooting.md#errors-related-to-the-databse).
     - [Redis 7+](http://redis.io/)
     - [Node.js v16](https://nodejs.org)
     - [Yarn](https://yarnpkg.com/en/)
diff --git a/docs/troubleshooting.md b/docs/troubleshooting.md
index 0867ca17ede..f7b42a19317 100644
--- a/docs/troubleshooting.md
+++ b/docs/troubleshooting.md
@@ -8,6 +8,30 @@ $ bundle install
 $ yarn install
 ```
 
+### Errors related to the database
+
+One error you might see is:
+
+```
+Caused by:
+ActiveRecord::StatementInvalid: PG::FeatureNotSupported: ERROR:  extension "postgis" is not available
+DETAIL:  Could not open extension control file "/opt/homebrew/opt/postgresql@15/share/postgresql@15/extension/postgis.control": No such file or directory.
+HINT:  The extension must first be installed on the system where PostgreSQL is running.
+```
+
+If you see the above message:
+
+- double check that `postgis` is installed with `brew list`
+- if `postgis` is listed, it means when you brew installed you might have installed `postgis` in a different postgresql db than the app is using
+    - in this case, look at `brew list` again, and remove any `postgres` db that is not listed in [the Brewfile](../Brewfile) (`brew uninstall __`)
+        - if you try to run the migration now you might get a:
+            ```
+            connection to server at "::1", port 5432 failed: Connection refused
+            Is the server running on that host and accepting TCP/IP connections?
+            ```
+        - this likely means postgres is no longer running
+        - try `brew services start postgresql@14` (or your version) and then re-run the migration
+
 ## I am receiving errors when creating the development and test databases
 
 If you receive the following error (where _whoami_ == _your username_):
diff --git a/lib/identity_config.rb b/lib/identity_config.rb
index f0271b2ffd3..da8eddeffd5 100644
--- a/lib/identity_config.rb
+++ b/lib/identity_config.rb
@@ -153,6 +153,7 @@ def self.build_store(config_map)
     config.add(:disable_email_sending, type: :boolean)
     config.add(:disallow_all_web_crawlers, type: :boolean)
     config.add(:disposable_email_services, type: :json)
+    config.add(:doc_auth_agreement_controller_enabled, type: :boolean)
     config.add(:doc_auth_attempt_window_in_minutes, type: :integer)
     config.add(:doc_auth_client_glare_threshold, type: :integer)
     config.add(:doc_auth_client_sharpness_threshold, type: :integer)
@@ -427,11 +428,11 @@ def self.build_store(config_map)
       :sign_up_mfa_selection_order_testing, type: :json,
                                             options: { symbolize_names: true }
     )
-    config.add(:sign_in_a_b_testing, type: :json, options: { symbolize_names: true })
     config.add(:skip_encryption_allowed_list, type: :json)
     config.add(:sp_handoff_bounce_max_seconds, type: :integer)
     config.add(:state_tracking_enabled, type: :boolean)
     config.add(:system_demand_report_email, type: :string)
+    config.add(:team_ursula_email, type: :string)
     config.add(:telephony_adapter, type: :string)
     config.add(:test_ssn_allowed_list, type: :comma_separated_string_list)
     config.add(:totp_code_interval, type: :integer)
diff --git a/lib/pinpoint_supported_countries.rb b/lib/pinpoint_supported_countries.rb
index b3452fcaee1..902b43e8825 100644
--- a/lib/pinpoint_supported_countries.rb
+++ b/lib/pinpoint_supported_countries.rb
@@ -19,6 +19,12 @@ class PinpointSupportedCountries
     TH
   ].to_set.freeze
 
+  # Countries where AWS claims sender ID is required, and we don't have one, and
+  # it seems to work anyway.
+  SENDER_ID_EXCEPTION_COUNTRIES = %w[
+    AU
+  ].to_set.freeze
+
   CountrySupport = Struct.new(
     :iso_code,
     :name,
@@ -69,7 +75,7 @@ def sms_support
         iso_code = sms_config['ISO code']
         supports_sms = case trim_spaces(sms_config['Supports Sender IDs'])
         when 'Registration required1'
-          SENDER_ID_COUNTRIES.include?(iso_code)
+          SENDER_ID_COUNTRIES.include?(iso_code) || SENDER_ID_EXCEPTION_COUNTRIES.include?(iso_code)
         when 'Registration required3' # basically only India, has special rules
           true
         else
diff --git a/lib/reporting/command_line_options.rb b/lib/reporting/command_line_options.rb
index 239888d52f0..9a713b08ad5 100644
--- a/lib/reporting/command_line_options.rb
+++ b/lib/reporting/command_line_options.rb
@@ -4,7 +4,7 @@ module Reporting
   class CommandLineOptions
     # rubocop:disable Rails/Exit
     # @return [Hash]
-    def parse!(argv, out: STDOUT)
+    def parse!(argv, out: STDOUT, require_issuer: true)
       date = nil
       issuer = nil
       verbose = false
@@ -89,7 +89,7 @@ def parse!(argv, out: STDOUT)
 
       parser.parse!(argv)
 
-      if !date || !issuer
+      if !date || (require_issuer && !issuer)
         out.puts parser
         exit 1
       else
diff --git a/lib/reporting/monthly_proofing_report.rb b/lib/reporting/monthly_proofing_report.rb
new file mode 100644
index 00000000000..ec4563f6c49
--- /dev/null
+++ b/lib/reporting/monthly_proofing_report.rb
@@ -0,0 +1,166 @@
+# frozen_string_literal: true
+
+require 'csv'
+begin
+  require 'reporting/cloudwatch_client'
+  require 'reporting/cloudwatch_query_quoting'
+  require 'reporting/command_line_options'
+rescue LoadError => e
+  warn 'could not load paths, try running with "bundle exec rails runner"'
+  raise e
+end
+
+module Reporting
+  class MonthlyProofingReport
+    include Reporting::CloudwatchQueryQuoting
+
+    attr_reader :time_range
+
+    module Events
+      IDV_DOC_AUTH_IMAGE_UPLOAD = 'IdV: doc auth image upload vendor submitted'
+      IDV_GPO_ADDRESS_LETTER_REQUESTED = 'IdV: USPS address letter requested'
+      USPS_IPP_ENROLLMENT_CREATED = 'USPS IPPaaS enrollment created'
+      IDV_FINAL_RESOLUTION = 'IdV: final resolution'
+      IDV_PLEASE_CALL_VISITED = 'IdV: Verify please call visited'
+
+      def self.all_events
+        constants.map { |c| const_get(c) }
+      end
+    end
+
+    # @param [Range<Time>] date
+    def initialize(
+      time_range:,
+      verbose: false,
+      progress: false,
+      slice: 3.hours,
+      threads: 5,
+      issuer: nil # rubocop:disable Lint/UnusedMethodArgument
+    )
+      @time_range = time_range
+      @verbose = verbose
+      @progress = progress
+      @slice = slice
+      @threads = threads
+    end
+
+    def verbose?
+      @verbose
+    end
+
+    def progress?
+      @progress
+    end
+
+    def to_csv
+      CSV.generate do |csv|
+        csv << ['report_start', time_range.begin.iso8601]
+        csv << ['report_end', time_range.end.iso8601]
+        csv << ['report_generated', Date.today.to_s] # rubocop:disable Rails/Date
+        csv << ['metric', 'num_users', 'percent']
+
+        start = idv_doc_auth_image_vendor_submitted
+
+        [
+          ['image_submitted', idv_doc_auth_image_vendor_submitted],
+          ['verified', idv_final_resolution],
+          ['not_verified_started_gpo', idv_gpo_address_letter_requested],
+          ['not_verified_started_in_person', usps_ipp_enrollment_created],
+          ['not_verified_started_fraud_review', idv_please_call_visited],
+        ].each do |(label, num)|
+          csv << [label, num, num.to_f / start.to_f]
+        end
+      end
+    end
+
+    def idv_doc_auth_image_vendor_submitted
+      started_uuids.count
+    end
+
+    def idv_final_resolution
+      (data[Events::IDV_FINAL_RESOLUTION] & started_uuids).count
+    end
+
+    def idv_gpo_address_letter_requested
+      ((data[Events::IDV_GPO_ADDRESS_LETTER_REQUESTED] & started_uuids) - verified_uuids).count
+    end
+
+    def usps_ipp_enrollment_created
+      ((data[Events::USPS_IPP_ENROLLMENT_CREATED] & started_uuids) - verified_uuids).count
+    end
+
+    def idv_please_call_visited
+      ((data[Events::IDV_PLEASE_CALL_VISITED] & started_uuids) - verified_uuids).count
+    end
+
+    def verified_uuids
+      data[Events::IDV_FINAL_RESOLUTION]
+    end
+
+    def started_uuids
+      data[Events::IDV_DOC_AUTH_IMAGE_UPLOAD]
+    end
+
+    # Turns query results into a hash keyed by event name, values are a set of unique user IDs
+    # for that event
+    # @return [Hash<String,Set<String>>]
+    def data
+      @data ||= begin
+        event_users = Hash.new do |h, uuid|
+          h[uuid] = Set.new
+        end
+
+        # IDEA: maybe there's a block form if this we can do that yields results as it loads them
+        # to go slightly faster
+        fetch_results.each do |row|
+          event_users[row['name']] << row['user_id']
+        end
+
+        event_users
+      end
+    end
+
+    def fetch_results
+      cloudwatch_client.fetch(query:, from: time_range.begin, to: time_range.end)
+    end
+
+    def query
+      params = {
+        event_names: quote(Events.all_events),
+        idv_final_resolution: quote(Events::IDV_FINAL_RESOLUTION),
+      }
+
+      format(<<~QUERY, params)
+        fields
+            name
+          , properties.user_id AS user_id
+        | filter name in %{event_names}
+        | filter (
+               name = %{idv_final_resolution}
+           and isblank(properties.event_properties.deactivation_reason)
+           and properties.event_properties.fraud_review_pending != 1
+          )
+          or (name != %{idv_final_resolution})
+        | limit 10000
+      QUERY
+    end
+
+    def cloudwatch_client
+      @cloudwatch_client ||= Reporting::CloudwatchClient.new(
+        num_threads: @threads,
+        ensure_complete_logs: true,
+        slice_interval: @slice,
+        progress: progress?,
+        logger: verbose? ? Logger.new(STDERR) : nil,
+      )
+    end
+  end
+end
+
+# rubocop:disable Rails/Output
+if __FILE__ == $PROGRAM_NAME
+  options = Reporting::CommandLineOptions.new.parse!(ARGV, require_issuer: false)
+
+  puts Reporting::MonthlyProofingReport.new(**options).to_csv
+end
+# rubocop:enable Rails/Output
diff --git a/spec/components/tab_navigation_component_spec.rb b/spec/components/tab_navigation_component_spec.rb
index cfae0201448..d5509904f7e 100644
--- a/spec/components/tab_navigation_component_spec.rb
+++ b/spec/components/tab_navigation_component_spec.rb
@@ -10,16 +10,16 @@
   end
 
   it 'renders labelled navigation' do
-    expect(rendered).to have_css('nav[aria-label="Navigation"]')
+    expect(rendered).to have_css('.tab-navigation[aria-label="Navigation"]')
     expect(rendered).to have_link('First') { |link| !is_current_link?(link) }
     expect(rendered).to have_link('Second') { |link| !is_current_link?(link) }
   end
 
   context 'with tag options' do
-    let(:tag_options) { super().merge(data: { foo: 'bar' }) }
+    let(:tag_options) { super().merge(data: { foo: 'bar' }, class: 'example') }
 
     it 'renders with tag options forwarded to navigation' do
-      expect(rendered).to have_css('nav[data-foo="bar"]')
+      expect(rendered).to have_css('.tab-navigation.example[data-foo="bar"]')
     end
   end
 
diff --git a/spec/config/initializers/ab_tests_spec.rb b/spec/config/initializers/ab_tests_spec.rb
index 9a26877b1ec..762a213f6c5 100644
--- a/spec/config/initializers/ab_tests_spec.rb
+++ b/spec/config/initializers/ab_tests_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe AbTests do
+RSpec.describe AbTests do
   def reload_ab_test_initializer!
     # undefine the AB tests instances so we can re-initialize them with different config values
     AbTests.constants.each do |const_name|
diff --git a/spec/config/initializers/ahoy_spec.rb b/spec/config/initializers/ahoy_spec.rb
index c0f308ddce0..cfa0fa82269 100644
--- a/spec/config/initializers/ahoy_spec.rb
+++ b/spec/config/initializers/ahoy_spec.rb
@@ -2,7 +2,7 @@
 
 MockAhoy = Struct.new(:visit_token, :visitor_token)
 
-describe Ahoy::Store do
+RSpec.describe Ahoy::Store do
   context 'visit_token is an invalid UUID' do
     it 'excludes the event' do
       mock_ahoy = MockAhoy.new('foo', '1056d484-194c-4b8c-978d-0c0f57958f04')
diff --git a/spec/config/initializers/job_configurations_spec.rb b/spec/config/initializers/job_configurations_spec.rb
index 6223a01550d..eed5dc1c2fa 100644
--- a/spec/config/initializers/job_configurations_spec.rb
+++ b/spec/config/initializers/job_configurations_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'GoodJob.cron' do
+RSpec.describe 'GoodJob.cron' do
   it 'has valid cron jobs' do
     expect(Rails.application.config.good_job.cron).to be_present
     aggregate_failures do
diff --git a/spec/controllers/account_reset/cancel_controller_spec.rb b/spec/controllers/account_reset/cancel_controller_spec.rb
index 7d255be572e..488f187ad25 100644
--- a/spec/controllers/account_reset/cancel_controller_spec.rb
+++ b/spec/controllers/account_reset/cancel_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe AccountReset::CancelController do
+RSpec.describe AccountReset::CancelController do
   include AccountResetHelper
 
   let(:user) { create(:user, :fully_registered) }
diff --git a/spec/controllers/account_reset/delete_account_controller_spec.rb b/spec/controllers/account_reset/delete_account_controller_spec.rb
index 80923ee2cb8..385f65470e6 100644
--- a/spec/controllers/account_reset/delete_account_controller_spec.rb
+++ b/spec/controllers/account_reset/delete_account_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe AccountReset::DeleteAccountController do
+RSpec.describe AccountReset::DeleteAccountController do
   include AccountResetHelper
 
   let(:invalid_token_message) do
diff --git a/spec/controllers/account_reset/pending_controller_spec.rb b/spec/controllers/account_reset/pending_controller_spec.rb
index c0ebf384666..3348bb4cf70 100644
--- a/spec/controllers/account_reset/pending_controller_spec.rb
+++ b/spec/controllers/account_reset/pending_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe AccountReset::PendingController do
+RSpec.describe AccountReset::PendingController do
   let(:user) { create(:user) }
 
   before do
diff --git a/spec/controllers/account_reset/recovery_options_controller_spec.rb b/spec/controllers/account_reset/recovery_options_controller_spec.rb
index d7b37edbee3..c81c4fcaa43 100644
--- a/spec/controllers/account_reset/recovery_options_controller_spec.rb
+++ b/spec/controllers/account_reset/recovery_options_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe AccountReset::RecoveryOptionsController do
+RSpec.describe AccountReset::RecoveryOptionsController do
   let(:user) { create(:user, :with_authentication_app) }
   describe '#show' do
     it 'renders the page' do
diff --git a/spec/controllers/account_reset/request_controller_spec.rb b/spec/controllers/account_reset/request_controller_spec.rb
index bc7faa1572c..59cdb211f05 100644
--- a/spec/controllers/account_reset/request_controller_spec.rb
+++ b/spec/controllers/account_reset/request_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe AccountReset::RequestController do
+RSpec.describe AccountReset::RequestController do
   let(:user) { create(:user, :with_authentication_app) }
   describe '#show' do
     it 'renders the page' do
diff --git a/spec/controllers/accounts_controller_spec.rb b/spec/controllers/accounts_controller_spec.rb
index 365ec98eb10..0117b623f03 100644
--- a/spec/controllers/accounts_controller_spec.rb
+++ b/spec/controllers/accounts_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe AccountsController do
+RSpec.describe AccountsController do
   describe 'before_actions' do
     it 'includes before_actions from AccountStateChecker' do
       expect(subject).to have_actions(
diff --git a/spec/controllers/api/internal/sessions_controller_spec.rb b/spec/controllers/api/internal/sessions_controller_spec.rb
index 0f2eaa581d8..fd798d7df97 100644
--- a/spec/controllers/api/internal/sessions_controller_spec.rb
+++ b/spec/controllers/api/internal/sessions_controller_spec.rb
@@ -8,6 +8,7 @@
   end
 
   before do
+    stub_analytics
     establish_warden_session if user
   end
 
@@ -67,6 +68,73 @@
     end
   end
 
+  describe '#update' do
+    let(:response) { put(:update) }
+    subject(:response_body) { JSON.parse(response.body, symbolize_names: true) }
+
+    it 'responds with live and timeout properties' do
+      expect(response_body).to eq(live: false, timeout: nil)
+    end
+
+    it 'includes csrf token in the response headers' do
+      expect(response.headers['X-CSRF-Token']).to be_kind_of(String)
+    end
+
+    it 'does not track analytics event' do
+      response
+
+      expect(@analytics).not_to have_logged_event('Session Kept Alive')
+    end
+
+    context 'signed in' do
+      let(:user) { create(:user, :fully_registered) }
+
+      it 'responds with live and timeout properties' do
+        expect(response_body).to eq(live: true, timeout: User.timeout_in.from_now.as_json)
+      end
+
+      it 'tracks analytics event' do
+        response
+
+        expect(@analytics).to have_logged_event('Session Kept Alive')
+      end
+
+      context 'after a delay' do
+        let(:delay) { 0.seconds }
+
+        before { travel_to delay.from_now }
+
+        context 'after a delay prior to session timeout' do
+          let(:delay) { User.timeout_in - 1.second }
+
+          it 'updates timeout and responds with live and timeout properties' do
+            expect(response_body).to eq(live: true, timeout: User.timeout_in.from_now.as_json)
+          end
+
+          it 'tracks analytics event' do
+            response
+
+            expect(@analytics).to have_logged_event('Session Kept Alive')
+          end
+        end
+
+        context 'after a delay exceeding session timeout' do
+          let(:delay) { User.timeout_in + 1.second }
+
+          it 'responds with live and timeout properties' do
+            expect(response_body).to eq(live: false, timeout: nil)
+          end
+
+          it 'does not track analytics event' do
+            response
+
+            expect(@analytics).not_to have_logged_event('Session Kept Alive')
+          end
+        end
+      end
+    end
+  end
+
   def establish_warden_session
     sign_in(user)
 
diff --git a/spec/controllers/application_controller_spec.rb b/spec/controllers/application_controller_spec.rb
index f6382e59923..818e8136556 100644
--- a/spec/controllers/application_controller_spec.rb
+++ b/spec/controllers/application_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe ApplicationController do
+RSpec.describe ApplicationController do
   describe '#disable_caching' do
     controller do
       def index
@@ -326,7 +326,7 @@ def index
     end
   end
 
-  describe '#redirect_on_timeout' do
+  describe '#redirect_with_flash_if_timeout' do
     before { routes.draw { get 'index' => 'anonymous#index' } }
     after { Rails.application.reload_routes! }
 
@@ -337,11 +337,31 @@ def index
     end
     let(:user) { build_stubbed(:user) }
 
+    context 'with session timeout parameter' do
+      it 'logs an event' do
+        stub_analytics
+
+        get :index, params: { timeout: 'session', request_id: '123' }
+
+        expect(@analytics).to have_logged_event('Session Timed Out')
+      end
+
+      it 'displays flash message for session timeout' do
+        get :index, params: { timeout: 'session', request_id: '123' }
+
+        expect(flash[:info]).to eq t(
+          'notices.session_timedout',
+          app_name: APP_NAME,
+          minutes: IdentityConfig.store.session_timeout_in_minutes,
+        )
+      end
+    end
+
     context 'when the current user is present' do
       it 'does not display flash message' do
         allow(subject).to receive(:current_user).and_return(user)
 
-        get :index, params: { timeout: true, request_id: '123' }
+        get :index, params: { timeout: 'form', request_id: '123' }
 
         expect(flash[:info]).to be_nil
       end
@@ -352,7 +372,7 @@ def index
         receive(:redirect_to).and_raise(ActionController::UrlGenerationError.new('bad request'))
       allow(subject).to receive(:current_user).and_return(user)
 
-      get :index, params: { timeout: true, request_id: '123' }
+      get :index, params: { timeout: 'form', request_id: '123' }
 
       expect(response).to be_bad_request
     end
@@ -361,7 +381,7 @@ def index
       it 'displays a flash message' do
         allow(subject).to receive(:current_user).and_return(nil)
 
-        get :index, params: { timeout: true, request_id: '123' }
+        get :index, params: { timeout: 'form', request_id: '123' }
 
         expect(flash[:info]).to eq t(
           'notices.session_cleared',
diff --git a/spec/controllers/concerns/idv/acuant_concern_spec.rb b/spec/controllers/concerns/idv/acuant_concern_spec.rb
index 351513b3c8f..d10cf85358a 100644
--- a/spec/controllers/concerns/idv/acuant_concern_spec.rb
+++ b/spec/controllers/concerns/idv/acuant_concern_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::AcuantConcern, :controller do
+RSpec.describe Idv::AcuantConcern, :controller do
   controller ApplicationController do
     include Idv::AcuantConcern
 
diff --git a/spec/controllers/concerns/idv_step_concern_spec.rb b/spec/controllers/concerns/idv_step_concern_spec.rb
index f77c325d762..1133970df4d 100644
--- a/spec/controllers/concerns/idv_step_concern_spec.rb
+++ b/spec/controllers/concerns/idv_step_concern_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'IdvStepConcern' do
+RSpec.describe 'IdvStepConcern' do
   let(:user) { create(:user, :fully_registered, email: 'old_email@example.com') }
   let(:idv_session) do
     Idv::Session.new(user_session: subject.user_session, current_user: user, service_provider: nil)
diff --git a/spec/controllers/concerns/rate_limit_concern_spec.rb b/spec/controllers/concerns/rate_limit_concern_spec.rb
index d49a1bef4f2..ae19bd52787 100644
--- a/spec/controllers/concerns/rate_limit_concern_spec.rb
+++ b/spec/controllers/concerns/rate_limit_concern_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'RateLimitConcern' do
+RSpec.describe 'RateLimitConcern' do
   let(:user) { create(:user, :fully_registered, email: 'old_email@example.com') }
 
   module Idv
diff --git a/spec/controllers/concerns/reauthentication_required_concern_spec.rb b/spec/controllers/concerns/reauthentication_required_concern_spec.rb
index 0c398032379..1095b5d4fc7 100644
--- a/spec/controllers/concerns/reauthentication_required_concern_spec.rb
+++ b/spec/controllers/concerns/reauthentication_required_concern_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe ReauthenticationRequiredConcern, type: :controller do
+RSpec.describe ReauthenticationRequiredConcern, type: :controller do
   let(:user) { create(:user, :fully_registered, email: 'old_email@example.com') }
 
   describe '#confirm_recently_authenticated' do
diff --git a/spec/controllers/concerns/sign_in_a_b_test_concern_spec.rb b/spec/controllers/concerns/sign_in_a_b_test_concern_spec.rb
deleted file mode 100644
index 61acd114b21..00000000000
--- a/spec/controllers/concerns/sign_in_a_b_test_concern_spec.rb
+++ /dev/null
@@ -1,38 +0,0 @@
-require 'rails_helper'
-
-RSpec.describe SignInABTestConcern, type: :controller do
-  controller ApplicationController do
-    include SignInABTestConcern
-  end
-
-  describe '#sign_in_a_b_test_bucket' do
-    subject(:sign_in_a_b_test_bucket) { controller.sign_in_a_b_test_bucket }
-
-    let(:sp_session) { {} }
-
-    before do
-      allow(session).to receive(:id).and_return('session-id')
-      allow(controller).to receive(:sp_session).and_return(sp_session)
-      allow(AbTests::SIGN_IN).to receive(:bucket) do |discriminator|
-        case discriminator
-        when 'session-id'
-          :default
-        when 'request-id'
-          :tabbed
-        end
-      end
-    end
-
-    it 'returns the bucket based on session id' do
-      expect(sign_in_a_b_test_bucket).to eq(:default)
-    end
-
-    context 'with associated sp session request id' do
-      let(:sp_session) { { request_id: 'request-id' } }
-
-      it 'returns the bucket based on request id' do
-        expect(sign_in_a_b_test_bucket).to eq(:tabbed)
-      end
-    end
-  end
-end
diff --git a/spec/controllers/event_disavowal_controller_spec.rb b/spec/controllers/event_disavowal_controller_spec.rb
index 1a0e82044e8..f10c726c5a8 100644
--- a/spec/controllers/event_disavowal_controller_spec.rb
+++ b/spec/controllers/event_disavowal_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe EventDisavowalController do
+RSpec.describe EventDisavowalController do
   let(:disavowal_token) { 'asdf1234' }
   let(:event) do
     create(
diff --git a/spec/controllers/frontend_log_controller_spec.rb b/spec/controllers/frontend_log_controller_spec.rb
index ffc2b30186f..d107baa0751 100644
--- a/spec/controllers/frontend_log_controller_spec.rb
+++ b/spec/controllers/frontend_log_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe FrontendLogController do
+RSpec.describe FrontendLogController do
   describe '#create' do
     subject(:action) { post :create, params: params, as: :json }
 
diff --git a/spec/controllers/idv/agreement_controller_spec.rb b/spec/controllers/idv/agreement_controller_spec.rb
new file mode 100644
index 00000000000..00bc308d24d
--- /dev/null
+++ b/spec/controllers/idv/agreement_controller_spec.rb
@@ -0,0 +1,110 @@
+require 'rails_helper'
+
+RSpec.describe Idv::AgreementController do
+  include IdvHelper
+
+  let(:user) { create(:user) }
+
+  let(:feature_flag_enabled) { true }
+
+  before do
+    allow(IdentityConfig.store).to receive(:doc_auth_agreement_controller_enabled).
+      and_return(feature_flag_enabled)
+    stub_sign_in(user)
+    stub_analytics
+    subject.user_session['idv/doc_auth'] = { 'Idv::Steps::WelcomeStep' => true }
+  end
+
+  describe 'before_actions' do
+    it 'includes authentication before_action' do
+      expect(subject).to have_actions(
+        :before,
+        :confirm_two_factor_authenticated,
+      )
+    end
+
+    it 'includes outage before_action' do
+      expect(subject).to have_actions(
+        :before,
+        :check_for_outage,
+      )
+    end
+  end
+
+  describe '#show' do
+    let(:analytics_name) { 'IdV: doc auth agreement visited' }
+    let(:analytics_args) do
+      { step: 'agreement',
+        analytics_id: 'Doc Auth',
+        irs_reproofing: false }
+    end
+
+    it 'renders the show template' do
+      get :show
+
+      expect(response).to render_template :show
+    end
+
+    it 'sends analytics_visited event' do
+      get :show
+
+      expect(@analytics).to have_logged_event(analytics_name, analytics_args)
+    end
+
+    it 'updates DocAuthLog agreement_view_count' do
+      doc_auth_log = DocAuthLog.create(user_id: user.id)
+
+      expect { get :show }.to(
+        change { doc_auth_log.reload.agreement_view_count }.from(0).to(1),
+      )
+    end
+
+    context 'welcome step is not complete' do
+      it 'redirects to idv_doc_auth_url' do
+        subject.user_session['idv/doc_auth']['Idv::Steps::WelcomeStep'] = nil
+
+        get :show
+
+        expect(response).to redirect_to(idv_doc_auth_url)
+      end
+    end
+
+    context 'agreement already visited' do
+      it 'redirects to hybrid_handoff' do
+        allow(subject.idv_session).to receive(:idv_consent_given).and_return(true)
+
+        get :show
+
+        expect(response).to redirect_to(idv_hybrid_handoff_url)
+      end
+    end
+  end
+
+  describe '#update' do
+    let(:analytics_name) { 'IdV: doc auth agreement submitted' }
+
+    let(:analytics_args) do
+      { success: true,
+        errors: {},
+        step: 'agreement',
+        analytics_id: 'Doc Auth',
+        irs_reproofing: false }
+    end
+
+    it 'sends analytics_submitted event with consent given' do
+      put :update, params: { doc_auth: { ial2_consent_given: 1 } }
+
+      expect(@analytics).to have_logged_event(analytics_name, analytics_args)
+    end
+  end
+
+  context 'when doc_auth_agreement_controller_enabled is false' do
+    let(:feature_flag_enabled) { false }
+
+    it 'returns 404' do
+      get :show
+
+      expect(response.status).to eq(404)
+    end
+  end
+end
diff --git a/spec/controllers/idv/cancellations_controller_spec.rb b/spec/controllers/idv/cancellations_controller_spec.rb
index 37e6334f7b6..1b79dafdd99 100644
--- a/spec/controllers/idv/cancellations_controller_spec.rb
+++ b/spec/controllers/idv/cancellations_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::CancellationsController do
+RSpec.describe Idv::CancellationsController do
   describe 'before_actions' do
     it 'includes before_actions from IdvSession' do
       expect(subject).to have_actions(:before, :redirect_if_sp_context_needed)
diff --git a/spec/controllers/idv/capture_doc_status_controller_spec.rb b/spec/controllers/idv/capture_doc_status_controller_spec.rb
index 035a8e29413..a6909af3369 100644
--- a/spec/controllers/idv/capture_doc_status_controller_spec.rb
+++ b/spec/controllers/idv/capture_doc_status_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::CaptureDocStatusController do
+RSpec.describe Idv::CaptureDocStatusController do
   let(:user) { build(:user) }
 
   before do
diff --git a/spec/controllers/idv/come_back_later_controller_spec.rb b/spec/controllers/idv/come_back_later_controller_spec.rb
index dae05df7ce3..411eca2db1a 100644
--- a/spec/controllers/idv/come_back_later_controller_spec.rb
+++ b/spec/controllers/idv/come_back_later_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::ComeBackLaterController do
+RSpec.describe Idv::ComeBackLaterController do
   let(:user) { build_stubbed(:user, :fully_registered) }
   let(:gpo_verification_pending_profile) { true }
 
diff --git a/spec/controllers/idv/doc_auth_controller_spec.rb b/spec/controllers/idv/doc_auth_controller_spec.rb
index 0d536c5cac0..579f3d5c6de 100644
--- a/spec/controllers/idv/doc_auth_controller_spec.rb
+++ b/spec/controllers/idv/doc_auth_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::DocAuthController do
+RSpec.describe Idv::DocAuthController do
   include DocAuthHelper
 
   let(:user) { build(:user) }
diff --git a/spec/controllers/idv/document_capture_controller_spec.rb b/spec/controllers/idv/document_capture_controller_spec.rb
index e2f67c0faf0..8f15b4efaf9 100644
--- a/spec/controllers/idv/document_capture_controller_spec.rb
+++ b/spec/controllers/idv/document_capture_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::DocumentCaptureController do
+RSpec.describe Idv::DocumentCaptureController do
   include IdvHelper
 
   let(:flow_session) do
@@ -33,10 +33,10 @@
       )
     end
 
-    it 'checks that upload step is complete' do
+    it 'checks that hybrid_handoff is complete' do
       expect(subject).to have_actions(
         :before,
-        :confirm_upload_step_complete,
+        :confirm_hybrid_handoff_complete,
       )
     end
   end
@@ -71,6 +71,17 @@
       expect(@analytics).to have_logged_event(analytics_name, analytics_args)
     end
 
+    context 'redo_document_capture' do
+      it 'adds redo_document_capture to analytics' do
+        flow_session[:redo_document_capture] = true
+
+        get :show
+
+        analytics_args[:redo_document_capture] = true
+        expect(@analytics).to have_logged_event(analytics_name, analytics_args)
+      end
+    end
+
     it 'updates DocAuthLog document_capture_view_count' do
       doc_auth_log = DocAuthLog.create(user_id: user.id)
 
diff --git a/spec/controllers/idv/forgot_password_controller_spec.rb b/spec/controllers/idv/forgot_password_controller_spec.rb
index 6c8ac23aed0..2dc4f523e0b 100644
--- a/spec/controllers/idv/forgot_password_controller_spec.rb
+++ b/spec/controllers/idv/forgot_password_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::ForgotPasswordController do
+RSpec.describe Idv::ForgotPasswordController do
   describe 'before_actions' do
     it 'includes before_actions from IdvSession' do
       expect(subject).to have_actions(:before, :redirect_if_sp_context_needed)
diff --git a/spec/controllers/idv/gpo_controller_spec.rb b/spec/controllers/idv/gpo_controller_spec.rb
index e0f3d97b9a4..7a06cc0d416 100644
--- a/spec/controllers/idv/gpo_controller_spec.rb
+++ b/spec/controllers/idv/gpo_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::GpoController do
+RSpec.describe Idv::GpoController do
   let(:user) { create(:user) }
 
   before do
diff --git a/spec/controllers/idv/hybrid_handoff_controller_spec.rb b/spec/controllers/idv/hybrid_handoff_controller_spec.rb
index eae8825963f..58c7bcf1e45 100644
--- a/spec/controllers/idv/hybrid_handoff_controller_spec.rb
+++ b/spec/controllers/idv/hybrid_handoff_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::HybridHandoffController do
+RSpec.describe Idv::HybridHandoffController do
   include IdvHelper
 
   let(:user) { create(:user) }
@@ -55,7 +55,7 @@
       expect(@analytics).to have_logged_event(analytics_name, analytics_args)
     end
 
-    it 'updates DocAuthLog document_capture_view_count' do
+    it 'updates DocAuthLog upload_view_count' do
       doc_auth_log = DocAuthLog.create(user_id: user.id)
 
       expect { get :show }.to(
@@ -64,13 +64,24 @@
     end
 
     context 'agreement step is not complete' do
-      it 'redirects to idv_doc_auth_url' do
+      before do
         subject.user_session['idv/doc_auth']['Idv::Steps::AgreementStep'] = nil
+      end
 
+      it 'redirects to idv_doc_auth_url' do
         get :show
 
         expect(response).to redirect_to(idv_doc_auth_url)
       end
+
+      it 'redirects to idv_agreement_url when feature flag is set' do
+        allow(IdentityConfig.store).to receive(:doc_auth_agreement_controller_enabled).
+          and_return(true)
+
+        get :show
+
+        expect(response).to redirect_to(idv_agreement_url)
+      end
     end
 
     context 'hybrid_handoff already visited' do
@@ -90,6 +101,40 @@
         expect(response).to redirect_to(idv_link_sent_url)
       end
     end
+
+    context 'redo document capture' do
+      it 'does not redirect in standard flow' do
+        subject.user_session['idv/doc_auth'][:flow_path] = 'standard'
+
+        get :show, params: { redo: true }
+
+        expect(response).to render_template :show
+      end
+
+      it 'does not redirect in hybrid flow' do
+        subject.user_session['idv/doc_auth'][:flow_path] = 'hybrid'
+
+        get :show, params: { redo: true }
+
+        expect(response).to render_template :show
+      end
+
+      it 'redirects to document_capture on a mobile device' do
+        subject.user_session['idv/doc_auth'][:flow_path] = 'standard'
+        subject.user_session['idv/doc_auth'][:skip_upload_step] = true
+
+        get :show, params: { redo: true }
+
+        expect(response).to redirect_to(idv_document_capture_url)
+      end
+
+      it 'adds redo_document_capture to analytics' do
+        get :show, params: { redo: true }
+
+        analytics_args[:redo_document_capture] = true
+        expect(@analytics).to have_logged_event(analytics_name, analytics_args)
+      end
+    end
   end
 
   describe '#update' do
diff --git a/spec/controllers/idv/hybrid_mobile/capture_complete_controller_spec.rb b/spec/controllers/idv/hybrid_mobile/capture_complete_controller_spec.rb
index e7f4f7539dd..ea6d3c89845 100644
--- a/spec/controllers/idv/hybrid_mobile/capture_complete_controller_spec.rb
+++ b/spec/controllers/idv/hybrid_mobile/capture_complete_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::HybridMobile::CaptureCompleteController do
+RSpec.describe Idv::HybridMobile::CaptureCompleteController do
   include IdvHelper
 
   let(:user) { create(:user) }
diff --git a/spec/controllers/idv/hybrid_mobile/document_capture_controller_spec.rb b/spec/controllers/idv/hybrid_mobile/document_capture_controller_spec.rb
index bebc780ddf1..9740136c611 100644
--- a/spec/controllers/idv/hybrid_mobile/document_capture_controller_spec.rb
+++ b/spec/controllers/idv/hybrid_mobile/document_capture_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::HybridMobile::DocumentCaptureController do
+RSpec.describe Idv::HybridMobile::DocumentCaptureController do
   include IdvHelper
 
   let(:user) { create(:user) }
diff --git a/spec/controllers/idv/hybrid_mobile/entry_controller_spec.rb b/spec/controllers/idv/hybrid_mobile/entry_controller_spec.rb
index f7b2dfdb799..22e8405521a 100644
--- a/spec/controllers/idv/hybrid_mobile/entry_controller_spec.rb
+++ b/spec/controllers/idv/hybrid_mobile/entry_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::HybridMobile::EntryController do
+RSpec.describe Idv::HybridMobile::EntryController do
   include IdvHelper
 
   describe '#show' do
diff --git a/spec/controllers/idv/image_uploads_controller_spec.rb b/spec/controllers/idv/image_uploads_controller_spec.rb
index d838b5600c4..4d1b1c2786e 100644
--- a/spec/controllers/idv/image_uploads_controller_spec.rb
+++ b/spec/controllers/idv/image_uploads_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::ImageUploadsController do
+RSpec.describe Idv::ImageUploadsController do
   let(:document_filename_regex) { /^[a-f0-9]{8}-([a-f0-9]{4}-){3}[a-f0-9]{12}\.[a-z]+$/ }
   let(:base64_regex) { /^[a-z0-9+\/]+=*$/i }
 
@@ -319,6 +319,7 @@
           },
           pii_like_keypaths: [[:pii]],
           flow_path: 'standard',
+          vendor_request_time_in_ms: a_kind_of(Float),
         )
 
         expect(@analytics).to receive(:track_event).with(
@@ -468,6 +469,7 @@
               },
               pii_like_keypaths: [[:pii]],
               flow_path: 'standard',
+              vendor_request_time_in_ms: a_kind_of(Float),
             )
 
             expect(@analytics).to receive(:track_event).with(
@@ -547,6 +549,7 @@
               },
               pii_like_keypaths: [[:pii]],
               flow_path: 'standard',
+              vendor_request_time_in_ms: a_kind_of(Float),
             )
 
             expect(@analytics).to receive(:track_event).with(
@@ -626,6 +629,7 @@
               },
               pii_like_keypaths: [[:pii]],
               flow_path: 'standard',
+              vendor_request_time_in_ms: a_kind_of(Float),
             )
 
             expect(@analytics).to receive(:track_event).with(
@@ -730,6 +734,7 @@
           doc_auth_result: nil,
           pii_like_keypaths: [[:pii]],
           flow_path: 'standard',
+          vendor_request_time_in_ms: a_kind_of(Float),
         )
 
         action
@@ -794,6 +799,7 @@
           },
           pii_like_keypaths: [[:pii]],
           flow_path: 'standard',
+          vendor_request_time_in_ms: a_kind_of(Float),
         )
 
         action
diff --git a/spec/controllers/idv/in_person/address_search_controller_spec.rb b/spec/controllers/idv/in_person/address_search_controller_spec.rb
index d0450c47b15..09aea7ee5d5 100644
--- a/spec/controllers/idv/in_person/address_search_controller_spec.rb
+++ b/spec/controllers/idv/in_person/address_search_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::InPerson::AddressSearchController do
+RSpec.describe Idv::InPerson::AddressSearchController do
   include IdvHelper
 
   let(:user) { create(:user) }
diff --git a/spec/controllers/idv/in_person/ready_to_verify_controller_spec.rb b/spec/controllers/idv/in_person/ready_to_verify_controller_spec.rb
index e365f18919e..b152b5abe26 100644
--- a/spec/controllers/idv/in_person/ready_to_verify_controller_spec.rb
+++ b/spec/controllers/idv/in_person/ready_to_verify_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::InPerson::ReadyToVerifyController do
+RSpec.describe Idv::InPerson::ReadyToVerifyController do
   let(:user) { create(:user) }
   let(:in_person_proofing_enabled) { false }
 
diff --git a/spec/controllers/idv/in_person/usps_locations_controller_spec.rb b/spec/controllers/idv/in_person/usps_locations_controller_spec.rb
index c3b0c457bc1..971d566ed5d 100644
--- a/spec/controllers/idv/in_person/usps_locations_controller_spec.rb
+++ b/spec/controllers/idv/in_person/usps_locations_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::InPerson::UspsLocationsController do
+RSpec.describe Idv::InPerson::UspsLocationsController do
   include IdvHelper
 
   let(:user) { create(:user) }
diff --git a/spec/controllers/idv/in_person/verify_info_controller_spec.rb b/spec/controllers/idv/in_person/verify_info_controller_spec.rb
index 16487d5bd14..50c76b382ec 100644
--- a/spec/controllers/idv/in_person/verify_info_controller_spec.rb
+++ b/spec/controllers/idv/in_person/verify_info_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::InPerson::VerifyInfoController do
+RSpec.describe Idv::InPerson::VerifyInfoController do
   include IdvHelper
 
   let(:pii_from_user) { Idp::Constants::MOCK_IDV_APPLICANT_WITH_SSN.dup }
diff --git a/spec/controllers/idv/in_person_controller_spec.rb b/spec/controllers/idv/in_person_controller_spec.rb
index b03cf8afa3c..ddae28f9d1c 100644
--- a/spec/controllers/idv/in_person_controller_spec.rb
+++ b/spec/controllers/idv/in_person_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::InPersonController do
+RSpec.describe Idv::InPersonController do
   let(:in_person_proofing_enabled) { false }
   let(:sp) { nil }
   let(:user) { nil }
diff --git a/spec/controllers/idv/link_sent_controller_spec.rb b/spec/controllers/idv/link_sent_controller_spec.rb
index 78d80fe2cf5..db145a6afc1 100644
--- a/spec/controllers/idv/link_sent_controller_spec.rb
+++ b/spec/controllers/idv/link_sent_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::LinkSentController do
+RSpec.describe Idv::LinkSentController do
   include IdvHelper
 
   let(:flow_session) do
@@ -27,10 +27,10 @@
       )
     end
 
-    it 'checks that upload step is complete' do
+    it 'checks that hybrid_handoff is complete' do
       expect(subject).to have_actions(
         :before,
-        :confirm_upload_step_complete,
+        :confirm_hybrid_handoff_complete,
       )
     end
   end
@@ -66,7 +66,7 @@
       )
     end
 
-    context '#confirm_upload_step_complete' do
+    context '#confirm_hybrid_handoff_complete' do
       context 'no flow_path' do
         it 'redirects to idv_hybrid_handoff_url' do
           flow_session[:flow_path] = nil
diff --git a/spec/controllers/idv/not_verified_controller_spec.rb b/spec/controllers/idv/not_verified_controller_spec.rb
index 0db79fdf987..b9fea39bf99 100644
--- a/spec/controllers/idv/not_verified_controller_spec.rb
+++ b/spec/controllers/idv/not_verified_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::NotVerifiedController do
+RSpec.describe Idv::NotVerifiedController do
   let(:user) { build_stubbed(:user, :fully_registered) }
 
   before do
diff --git a/spec/controllers/idv/otp_verification_controller_spec.rb b/spec/controllers/idv/otp_verification_controller_spec.rb
index 97e042158a9..faf7e3d871c 100644
--- a/spec/controllers/idv/otp_verification_controller_spec.rb
+++ b/spec/controllers/idv/otp_verification_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::OtpVerificationController do
+RSpec.describe Idv::OtpVerificationController do
   let(:user) { create(:user) }
 
   let(:phone) { '2255555000' }
diff --git a/spec/controllers/idv/personal_key_controller_spec.rb b/spec/controllers/idv/personal_key_controller_spec.rb
index c78f25b0b28..15b50436cee 100644
--- a/spec/controllers/idv/personal_key_controller_spec.rb
+++ b/spec/controllers/idv/personal_key_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::PersonalKeyController do
+RSpec.describe Idv::PersonalKeyController do
   include SamlAuthHelper
   include PersonalKeyValidator
 
diff --git a/spec/controllers/idv/phone_controller_spec.rb b/spec/controllers/idv/phone_controller_spec.rb
index 08ba93e9b2b..56765a3f743 100644
--- a/spec/controllers/idv/phone_controller_spec.rb
+++ b/spec/controllers/idv/phone_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::PhoneController do
+RSpec.describe Idv::PhoneController do
   include IdvHelper
 
   let(:max_attempts) { Throttle.max_attempts(:proof_address) }
diff --git a/spec/controllers/idv/phone_errors_controller_spec.rb b/spec/controllers/idv/phone_errors_controller_spec.rb
index 876149999a1..85b3d2bc316 100644
--- a/spec/controllers/idv/phone_errors_controller_spec.rb
+++ b/spec/controllers/idv/phone_errors_controller_spec.rb
@@ -1,86 +1,86 @@
 require 'rails_helper'
 
-shared_examples_for 'an idv phone errors controller action' do
-  describe 'before_actions' do
-    it 'includes before_actions from IdvSession' do
-      expect(subject).to have_actions(:before, :redirect_if_sp_context_needed)
+RSpec.describe Idv::PhoneErrorsController do
+  shared_examples_for 'an idv phone errors controller action' do
+    describe 'before_actions' do
+      it 'includes before_actions from IdvSession' do
+        expect(subject).to have_actions(:before, :redirect_if_sp_context_needed)
+      end
     end
-  end
-
-  context 'the user is authenticated and has not confirmed their phone' do
-    let(:user) { create(:user) }
 
-    it 'renders the error' do
-      get action
-
-      expect(response).to render_template(template)
-    end
+    context 'the user is authenticated and has not confirmed their phone' do
+      let(:user) { create(:user) }
 
-    it 'logs an event' do
-      expect(@analytics).to receive(:track_event).with(
-        'IdV: phone error visited',
-        hash_including(
-          type: action,
-        ),
-      )
-      get action
-    end
+      it 'renders the error' do
+        get action
 
-    context 'fetch() request from form-steps-wait JS' do
-      before do
-        request.headers['X-Form-Steps-Wait'] = '1'
+        expect(response).to render_template(template)
       end
-      it 'returns an empty response' do
+
+      it 'logs an event' do
+        expect(@analytics).to receive(:track_event).with(
+          'IdV: phone error visited',
+          hash_including(
+            type: action,
+          ),
+        )
         get action
-        expect(response).to have_http_status(204)
       end
-      it 'does not log an event' do
-        expect(@analytics).not_to receive(:track_event).with('IdV: phone error visited', anything)
-        get action
+
+      context 'fetch() request from form-steps-wait JS' do
+        before do
+          request.headers['X-Form-Steps-Wait'] = '1'
+        end
+        it 'returns an empty response' do
+          get action
+          expect(response).to have_http_status(204)
+        end
+        it 'does not log an event' do
+          expect(@analytics).not_to receive(:track_event).with('IdV: phone error visited', anything)
+          get action
+        end
       end
     end
-  end
 
-  context 'the user is authenticated and has confirmed their phone' do
-    let(:user) { create(:user) }
-    let(:idv_session_user_phone_confirmation) { true }
+    context 'the user is authenticated and has confirmed their phone' do
+      let(:user) { create(:user) }
+      let(:idv_session_user_phone_confirmation) { true }
 
-    it 'redirects to the review url' do
-      get action
+      it 'redirects to the review url' do
+        get action
 
-      expect(response).to redirect_to(idv_review_url)
-    end
-    it 'does not log an event' do
-      expect(@analytics).not_to receive(:track_event).with(
-        'IdV: phone error visited',
-        hash_including(
-          type: action,
-        ),
-      )
-      get action
+        expect(response).to redirect_to(idv_review_url)
+      end
+      it 'does not log an event' do
+        expect(@analytics).not_to receive(:track_event).with(
+          'IdV: phone error visited',
+          hash_including(
+            type: action,
+          ),
+        )
+        get action
+      end
     end
-  end
 
-  context 'the user is not authenticated and not recovering their account' do
-    let(:user) { nil }
-    it 'redirects to sign in' do
-      get action
+    context 'the user is not authenticated and not recovering their account' do
+      let(:user) { nil }
+      it 'redirects to sign in' do
+        get action
 
-      expect(response).to redirect_to(new_user_session_url)
-    end
-    it 'does not log an event' do
-      expect(@analytics).not_to receive(:track_event).with(
-        'IdV: phone error visited',
-        hash_including(
-          type: action,
-        ),
-      )
-      get action
+        expect(response).to redirect_to(new_user_session_url)
+      end
+      it 'does not log an event' do
+        expect(@analytics).not_to receive(:track_event).with(
+          'IdV: phone error visited',
+          hash_including(
+            type: action,
+          ),
+        )
+        get action
+      end
     end
   end
-end
 
-describe Idv::PhoneErrorsController do
   let(:idv_session) { double }
   let(:idv_session_user_phone_confirmation) { false }
   let(:user) { nil }
diff --git a/spec/controllers/idv/please_call_controller_spec.rb b/spec/controllers/idv/please_call_controller_spec.rb
index cb5c4aa8833..9ff9a547d47 100644
--- a/spec/controllers/idv/please_call_controller_spec.rb
+++ b/spec/controllers/idv/please_call_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::PleaseCallController do
+RSpec.describe Idv::PleaseCallController do
   let(:user) { create(:user) }
   let(:fraud_review_pending_date) { 5.days.ago }
   let(:verify_date) { 20.days.ago }
diff --git a/spec/controllers/idv/resend_otp_controller_spec.rb b/spec/controllers/idv/resend_otp_controller_spec.rb
index 22224dfe9f8..112cc56f3f4 100644
--- a/spec/controllers/idv/resend_otp_controller_spec.rb
+++ b/spec/controllers/idv/resend_otp_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::ResendOtpController do
+RSpec.describe Idv::ResendOtpController do
   let(:user) { build(:user) }
 
   let(:phone) { '+1 (225) 555-5000' }
diff --git a/spec/controllers/idv/review_controller_spec.rb b/spec/controllers/idv/review_controller_spec.rb
index 97d4714ab48..e7a0d2c6d80 100644
--- a/spec/controllers/idv/review_controller_spec.rb
+++ b/spec/controllers/idv/review_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::ReviewController do
+RSpec.describe Idv::ReviewController do
   include UspsIppHelper
 
   let(:user) do
diff --git a/spec/controllers/idv/session_errors_controller_spec.rb b/spec/controllers/idv/session_errors_controller_spec.rb
index e6145b8ceae..26809d47ea3 100644
--- a/spec/controllers/idv/session_errors_controller_spec.rb
+++ b/spec/controllers/idv/session_errors_controller_spec.rb
@@ -1,120 +1,122 @@
 require 'rails_helper'
 
-shared_examples_for 'an idv session errors controller action' do
-  context 'the user is authenticated and has not confirmed their profile' do
-    let(:user) { build(:user) }
-
-    it 'renders the error' do
-      get action
-      expect(response).to render_template(template)
-    end
-
-    it 'logs an event' do
-      expect(@analytics).to receive(:track_event).with(
-        'IdV: session error visited',
-        hash_including(type: action.to_s),
-      ).once
-      get action
-    end
+RSpec.describe Idv::SessionErrorsController do
+  shared_examples_for 'an idv session errors controller action' do
+    context 'the user is authenticated and has not confirmed their profile' do
+      let(:user) { build(:user) }
 
-    context 'fetch() request from form-steps-wait JS' do
-      before do
-        request.headers['X-Form-Steps-Wait'] = '1'
+      it 'renders the error' do
+        get action
+        expect(response).to render_template(template)
       end
 
-      it 'returns an empty response' do
+      it 'logs an event' do
+        expect(@analytics).to receive(:track_event).with(
+          'IdV: session error visited',
+          hash_including(type: action.to_s),
+        ).once
         get action
-        expect(response).to have_http_status(204)
       end
-      it 'does not log an event' do
-        expect(@analytics).not_to receive(:track_event).with('IdV: session error visited', anything)
-        get action
+
+      context 'fetch() request from form-steps-wait JS' do
+        before do
+          request.headers['X-Form-Steps-Wait'] = '1'
+        end
+
+        it 'returns an empty response' do
+          get action
+          expect(response).to have_http_status(204)
+        end
+        it 'does not log an event' do
+          expect(@analytics).not_to receive(:track_event).
+            with('IdV: session error visited', anything)
+          get action
+        end
       end
     end
-  end
 
-  context 'the user is authenticated and has confirmed their profile' do
-    let(:verify_info_step_complete) { true }
-    let(:user) { build(:user) }
-
-    it 'redirects to the phone url' do
-      get action
+    context 'the user is authenticated and has confirmed their profile' do
+      let(:verify_info_step_complete) { true }
+      let(:user) { build(:user) }
 
-      expect(response).to redirect_to(idv_phone_url)
-    end
-    it 'does not log an event' do
-      expect(@analytics).not_to receive(:track_event).with(
-        'IdV: session error visited',
-        hash_including(type: action.to_s),
-      )
-      get action
-    end
-  end
+      it 'redirects to the phone url' do
+        get action
 
-  context 'the user is not authenticated and in doc capture flow' do
-    before do
-      user = create(:user, :fully_registered)
-      controller.session[:doc_capture_user_id] = user.id
-    end
-    it 'renders the error' do
-      get action
-      expect(response).to render_template(template)
-    end
-    it 'logs an event' do
-      expect(@analytics).to receive(:track_event).with(
-        'IdV: session error visited',
-        hash_including(type: action.to_s),
-      ).once
-      get action
+        expect(response).to redirect_to(idv_phone_url)
+      end
+      it 'does not log an event' do
+        expect(@analytics).not_to receive(:track_event).with(
+          'IdV: session error visited',
+          hash_including(type: action.to_s),
+        )
+        get action
+      end
     end
 
-    context 'fetch() request from form-steps-wait JS' do
+    context 'the user is not authenticated and in doc capture flow' do
       before do
-        request.headers['X-Form-Steps-Wait'] = '1'
+        user = create(:user, :fully_registered)
+        controller.session[:doc_capture_user_id] = user.id
       end
-
-      it 'returns an empty response' do
+      it 'renders the error' do
         get action
-        expect(response).to have_http_status(204)
+        expect(response).to render_template(template)
       end
-      it 'does not log an event' do
-        expect(@analytics).not_to receive(:track_event).with('IdV: session error visited', anything)
+      it 'logs an event' do
+        expect(@analytics).to receive(:track_event).with(
+          'IdV: session error visited',
+          hash_including(type: action.to_s),
+        ).once
         get action
       end
-    end
-  end
 
-  context 'the user is not authenticated and not recovering their account' do
-    it 'redirects to sign in' do
-      get action
+      context 'fetch() request from form-steps-wait JS' do
+        before do
+          request.headers['X-Form-Steps-Wait'] = '1'
+        end
 
-      expect(response).to redirect_to(new_user_session_url)
-    end
-    it 'does not log an event' do
-      expect(@analytics).not_to receive(:track_event).with(
-        'IdV: session error visited',
-        hash_including(type: action.to_s),
-      )
-      get action
+        it 'returns an empty response' do
+          get action
+          expect(response).to have_http_status(204)
+        end
+        it 'does not log an event' do
+          expect(@analytics).not_to receive(:track_event).
+            with('IdV: session error visited', anything)
+          get action
+        end
+      end
     end
-  end
 
-  context 'the user is in the hybrid flow' do
-    render_views
-    let(:effective_user) { create(:user) }
+    context 'the user is not authenticated and not recovering their account' do
+      it 'redirects to sign in' do
+        get action
 
-    before do
-      session[:doc_capture_user_id] = effective_user.id
+        expect(response).to redirect_to(new_user_session_url)
+      end
+      it 'does not log an event' do
+        expect(@analytics).not_to receive(:track_event).with(
+          'IdV: session error visited',
+          hash_including(type: action.to_s),
+        )
+        get action
+      end
     end
 
-    it 'renders the error template' do
-      get action
-      expect(response).to render_template(template)
+    context 'the user is in the hybrid flow' do
+      render_views
+      let(:effective_user) { create(:user) }
+
+      before do
+        session[:doc_capture_user_id] = effective_user.id
+      end
+
+      it 'renders the error template' do
+        get action
+        expect(response).to render_template(template)
+      end
     end
   end
-end
 
-describe Idv::SessionErrorsController do
   let(:idv_session) { double }
   let(:verify_info_step_complete) { false }
   let(:user) { nil }
diff --git a/spec/controllers/idv/sessions_controller_spec.rb b/spec/controllers/idv/sessions_controller_spec.rb
index 44b418bbd95..20ed75f980c 100644
--- a/spec/controllers/idv/sessions_controller_spec.rb
+++ b/spec/controllers/idv/sessions_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::SessionsController do
+RSpec.describe Idv::SessionsController do
   let(:user) { build(:user) }
   let(:enrollment) { create(:in_person_enrollment, :pending, user: user) }
 
diff --git a/spec/controllers/idv/ssn_controller_spec.rb b/spec/controllers/idv/ssn_controller_spec.rb
index 5773c0d3b69..0c409b97adc 100644
--- a/spec/controllers/idv/ssn_controller_spec.rb
+++ b/spec/controllers/idv/ssn_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::SsnController do
+RSpec.describe Idv::SsnController do
   include IdvHelper
 
   let(:flow_session) do
diff --git a/spec/controllers/idv/unavailable_controller_spec.rb b/spec/controllers/idv/unavailable_controller_spec.rb
index 5c868d577be..9acd380bae0 100644
--- a/spec/controllers/idv/unavailable_controller_spec.rb
+++ b/spec/controllers/idv/unavailable_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::UnavailableController, type: :controller do
+RSpec.describe Idv::UnavailableController, type: :controller do
   let(:idv_available) { false }
 
   before do
diff --git a/spec/controllers/idv/verify_info_controller_spec.rb b/spec/controllers/idv/verify_info_controller_spec.rb
index bd89ece5a39..adbb50925ec 100644
--- a/spec/controllers/idv/verify_info_controller_spec.rb
+++ b/spec/controllers/idv/verify_info_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::VerifyInfoController do
+RSpec.describe Idv::VerifyInfoController do
   include IdvHelper
 
   let(:flow_session) do
diff --git a/spec/controllers/idv_controller_spec.rb b/spec/controllers/idv_controller_spec.rb
index 2c5f27dd480..db46011e71f 100644
--- a/spec/controllers/idv_controller_spec.rb
+++ b/spec/controllers/idv_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe IdvController do
+RSpec.describe IdvController do
   before do
     stub_sign_in
   end
diff --git a/spec/controllers/mfa_confirmation_controller_spec.rb b/spec/controllers/mfa_confirmation_controller_spec.rb
index 32281331b0f..aef969e444a 100644
--- a/spec/controllers/mfa_confirmation_controller_spec.rb
+++ b/spec/controllers/mfa_confirmation_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe MfaConfirmationController do
+RSpec.describe MfaConfirmationController do
   describe '#show' do
     it 'presents the mfa confirmation page.' do
       stub_sign_in
diff --git a/spec/controllers/no_js_controller_spec.rb b/spec/controllers/no_js_controller_spec.rb
index a5fb0703e23..ba3a3b1c53e 100644
--- a/spec/controllers/no_js_controller_spec.rb
+++ b/spec/controllers/no_js_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe NoJsController do
+RSpec.describe NoJsController do
   describe '#index' do
     subject(:response) { get :index }
 
diff --git a/spec/controllers/pages_controller_spec.rb b/spec/controllers/pages_controller_spec.rb
index 7142764da7a..0dde92b2fc7 100644
--- a/spec/controllers/pages_controller_spec.rb
+++ b/spec/controllers/pages_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe PagesController do
+RSpec.describe PagesController do
   describe 'analytics' do
     controller do
       def index
diff --git a/spec/controllers/password_capture_controller_spec.rb b/spec/controllers/password_capture_controller_spec.rb
index 69236a81c86..db9e89ee265 100644
--- a/spec/controllers/password_capture_controller_spec.rb
+++ b/spec/controllers/password_capture_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe PasswordCaptureController do
+RSpec.describe PasswordCaptureController do
   describe '#update' do
     let(:user) { create(:user, :fully_registered, password: 'a really long sekrit') }
 
diff --git a/spec/controllers/reactivate_account_controller_spec.rb b/spec/controllers/reactivate_account_controller_spec.rb
index b441eed9ea5..2b8931d4975 100644
--- a/spec/controllers/reactivate_account_controller_spec.rb
+++ b/spec/controllers/reactivate_account_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe ReactivateAccountController do
+RSpec.describe ReactivateAccountController do
   let(:user) { create(:user, profiles: profiles) }
   let(:profiles) { [] }
 
diff --git a/spec/controllers/redirect/contact_controller_spec.rb b/spec/controllers/redirect/contact_controller_spec.rb
index 97826f1d854..c4fe9000464 100644
--- a/spec/controllers/redirect/contact_controller_spec.rb
+++ b/spec/controllers/redirect/contact_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Redirect::ContactController do
+RSpec.describe Redirect::ContactController do
   before do
     stub_analytics
   end
diff --git a/spec/controllers/redirect/help_center_controller_spec.rb b/spec/controllers/redirect/help_center_controller_spec.rb
index 521d5d23199..86cb32cde18 100644
--- a/spec/controllers/redirect/help_center_controller_spec.rb
+++ b/spec/controllers/redirect/help_center_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Redirect::HelpCenterController do
+RSpec.describe Redirect::HelpCenterController do
   before do
     stub_analytics
   end
diff --git a/spec/controllers/redirect/policy_controller_spec.rb b/spec/controllers/redirect/policy_controller_spec.rb
index eb90b536887..3a6256b8025 100644
--- a/spec/controllers/redirect/policy_controller_spec.rb
+++ b/spec/controllers/redirect/policy_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Redirect::PolicyController do
+RSpec.describe Redirect::PolicyController do
   before do
     stub_analytics
   end
diff --git a/spec/controllers/redirect/return_to_sp_controller_spec.rb b/spec/controllers/redirect/return_to_sp_controller_spec.rb
index 8c52e03eca6..cefe20b9871 100644
--- a/spec/controllers/redirect/return_to_sp_controller_spec.rb
+++ b/spec/controllers/redirect/return_to_sp_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Redirect::ReturnToSpController do
+RSpec.describe Redirect::ReturnToSpController do
   let(:current_sp) { build(:service_provider) }
 
   before do
diff --git a/spec/controllers/saml_completion_controller_spec.rb b/spec/controllers/saml_completion_controller_spec.rb
index 65b8af224ea..691cef5f086 100644
--- a/spec/controllers/saml_completion_controller_spec.rb
+++ b/spec/controllers/saml_completion_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe SamlCompletionController do
+RSpec.describe SamlCompletionController do
   describe 'GET #index' do
     render_views
     include ActionView::Helpers::FormTagHelper
diff --git a/spec/controllers/saml_idp_controller_spec.rb b/spec/controllers/saml_idp_controller_spec.rb
index 97931b3cd51..bbe363ac307 100644
--- a/spec/controllers/saml_idp_controller_spec.rb
+++ b/spec/controllers/saml_idp_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe SamlIdpController do
+RSpec.describe SamlIdpController do
   include SamlAuthHelper
 
   render_views
diff --git a/spec/controllers/saml_post_controller_spec.rb b/spec/controllers/saml_post_controller_spec.rb
index c118ff3db80..850ebdbd1b8 100644
--- a/spec/controllers/saml_post_controller_spec.rb
+++ b/spec/controllers/saml_post_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe SamlPostController do
+RSpec.describe SamlPostController do
   describe 'POST /api/saml/auth' do
     render_views
     include ActionView::Helpers::FormTagHelper
diff --git a/spec/controllers/saml_signed_message_spec.rb b/spec/controllers/saml_signed_message_spec.rb
index ba72c9b7795..33717b3f1de 100644
--- a/spec/controllers/saml_signed_message_spec.rb
+++ b/spec/controllers/saml_signed_message_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe SamlIdpController do
+RSpec.describe SamlIdpController do
   include SamlAuthHelper
 
   before do
diff --git a/spec/controllers/service_provider_controller_spec.rb b/spec/controllers/service_provider_controller_spec.rb
index faabae72b69..f02370f0f65 100644
--- a/spec/controllers/service_provider_controller_spec.rb
+++ b/spec/controllers/service_provider_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe ServiceProviderController do
+RSpec.describe ServiceProviderController do
   include SamlAuthHelper
 
   describe '#update' do
diff --git a/spec/controllers/sign_out_controller_spec.rb b/spec/controllers/sign_out_controller_spec.rb
index c7563b8b961..26086f1c32e 100644
--- a/spec/controllers/sign_out_controller_spec.rb
+++ b/spec/controllers/sign_out_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe SignOutController do
+RSpec.describe SignOutController do
   describe '#destroy' do
     it 'redirects to decorated_session.cancel_link_url with flash message' do
       stub_sign_in_before_2fa
diff --git a/spec/controllers/sign_up/cancellations_controller_spec.rb b/spec/controllers/sign_up/cancellations_controller_spec.rb
index 17389633953..5deb7e29a0b 100644
--- a/spec/controllers/sign_up/cancellations_controller_spec.rb
+++ b/spec/controllers/sign_up/cancellations_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe SignUp::CancellationsController do
+RSpec.describe SignUp::CancellationsController do
   describe '#new' do
     it 'tracks the event in analytics when referer is nil' do
       stub_sign_in
diff --git a/spec/controllers/sign_up/completions_controller_spec.rb b/spec/controllers/sign_up/completions_controller_spec.rb
index 71a76d439d9..dfba42b718f 100644
--- a/spec/controllers/sign_up/completions_controller_spec.rb
+++ b/spec/controllers/sign_up/completions_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe SignUp::CompletionsController do
+RSpec.describe SignUp::CompletionsController do
   describe '#show' do
     let(:current_sp) { create(:service_provider) }
 
@@ -190,7 +190,6 @@
     before do
       stub_analytics
       allow(@analytics).to receive(:track_event)
-      allow(controller).to receive(:sign_in_a_b_test_bucket).and_return(:default)
       @linker = instance_double(IdentityLinker)
       allow(@linker).to receive(:link_identity).and_return(true)
       allow(IdentityLinker).to receive(:new).and_return(@linker)
@@ -214,7 +213,6 @@
           service_provider_name: subject.decorated_session.sp_name,
           page_occurence: 'agency-page',
           needs_completion_screen_reason: :new_sp,
-          sign_in_a_b_test_bucket: :default,
           sp_request_requested_attributes: nil,
           sp_session_requested_attributes: nil,
         )
@@ -274,7 +272,6 @@
           service_provider_name: subject.decorated_session.sp_name,
           page_occurence: 'agency-page',
           needs_completion_screen_reason: :new_sp,
-          sign_in_a_b_test_bucket: :default,
           sp_request_requested_attributes: nil,
           sp_session_requested_attributes: ['email'],
         )
diff --git a/spec/controllers/sign_up/email_confirmations_controller_spec.rb b/spec/controllers/sign_up/email_confirmations_controller_spec.rb
index 09c8189f4f7..017e7fd7eef 100644
--- a/spec/controllers/sign_up/email_confirmations_controller_spec.rb
+++ b/spec/controllers/sign_up/email_confirmations_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe SignUp::EmailConfirmationsController do
+RSpec.describe SignUp::EmailConfirmationsController do
   describe '#create' do
     let(:token_not_found_error) { { confirmation_token: [:not_found] } }
     let(:token_expired_error) { { confirmation_token: [:expired] } }
diff --git a/spec/controllers/sign_up/passwords_controller_spec.rb b/spec/controllers/sign_up/passwords_controller_spec.rb
index 8dcf444c235..a33fbabb111 100644
--- a/spec/controllers/sign_up/passwords_controller_spec.rb
+++ b/spec/controllers/sign_up/passwords_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe SignUp::PasswordsController do
+RSpec.describe SignUp::PasswordsController do
   let(:token) { 'new token' }
 
   describe '#create' do
diff --git a/spec/controllers/sign_up/registrations_controller_spec.rb b/spec/controllers/sign_up/registrations_controller_spec.rb
index 8a28af1c2d5..0aaaad51b5e 100644
--- a/spec/controllers/sign_up/registrations_controller_spec.rb
+++ b/spec/controllers/sign_up/registrations_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe SignUp::RegistrationsController, devise: true do
+RSpec.describe SignUp::RegistrationsController, devise: true do
   describe '#new' do
     it 'allows user to visit the sign up page' do
       get :new
@@ -28,13 +28,7 @@
 
     it 'tracks visit event' do
       stub_analytics
-      allow(controller).to receive(:sign_in_a_b_test_bucket).and_return(:default)
-
-      expect(@analytics).to receive(:track_event).with(
-        'User Registration: enter email visited',
-        sign_in_a_b_test_bucket: :default,
-        from_sign_in: false,
-      )
+      expect(@analytics).to receive(:track_event).with('User Registration: enter email visited')
 
       get :new
     end
@@ -42,15 +36,10 @@
     context 'with source parameter' do
       it 'tracks visit event' do
         stub_analytics
-        allow(controller).to receive(:sign_in_a_b_test_bucket).and_return(:default)
 
-        expect(@analytics).to receive(:track_event).with(
-          'User Registration: enter email visited',
-          sign_in_a_b_test_bucket: :default,
-          from_sign_in: true,
-        )
+        expect(@analytics).to receive(:track_event).with('User Registration: enter email visited')
 
-        get :new, params: { source: :sign_in }
+        get :new
       end
     end
 
diff --git a/spec/controllers/test/piv_cac_authentication_test_subject_controller_spec.rb b/spec/controllers/test/piv_cac_authentication_test_subject_controller_spec.rb
index 7da5503d6d3..fb52dd93b92 100644
--- a/spec/controllers/test/piv_cac_authentication_test_subject_controller_spec.rb
+++ b/spec/controllers/test/piv_cac_authentication_test_subject_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Test::PivCacAuthenticationTestSubjectController do
+RSpec.describe Test::PivCacAuthenticationTestSubjectController do
   describe 'when not in development' do
     before(:each) do
       allow(Rails.env).to receive(:development?) { false }
diff --git a/spec/controllers/test/push_notification_controller_spec.rb b/spec/controllers/test/push_notification_controller_spec.rb
index 7129b44fdf9..164e6444b72 100644
--- a/spec/controllers/test/push_notification_controller_spec.rb
+++ b/spec/controllers/test/push_notification_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Test::PushNotificationController do
+RSpec.describe Test::PushNotificationController do
   before do
     allow(IdentityConfig.store).to receive(:risc_notifications_local_enabled).and_return(true)
   end
diff --git a/spec/controllers/test/telephony_controller_spec.rb b/spec/controllers/test/telephony_controller_spec.rb
index f917f0e26d7..98c5be31ff9 100644
--- a/spec/controllers/test/telephony_controller_spec.rb
+++ b/spec/controllers/test/telephony_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Test::TelephonyController do
+RSpec.describe Test::TelephonyController do
   describe '#index' do
     it 'sets @messages and @calls and renders' do
       Telephony.send_authentication_otp(
diff --git a/spec/controllers/two_factor_authentication/backup_code_verification_controller_spec.rb b/spec/controllers/two_factor_authentication/backup_code_verification_controller_spec.rb
index 64a3f6f597b..b8ff25801f9 100644
--- a/spec/controllers/two_factor_authentication/backup_code_verification_controller_spec.rb
+++ b/spec/controllers/two_factor_authentication/backup_code_verification_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe TwoFactorAuthentication::BackupCodeVerificationController do
+RSpec.describe TwoFactorAuthentication::BackupCodeVerificationController do
   let(:backup_code) { { backup_code: 'foo' } }
   let(:payload) { { backup_code_verification_form: backup_code } }
 
diff --git a/spec/controllers/two_factor_authentication/options_controller_spec.rb b/spec/controllers/two_factor_authentication/options_controller_spec.rb
index 52770aedf5b..a2d42dfe554 100644
--- a/spec/controllers/two_factor_authentication/options_controller_spec.rb
+++ b/spec/controllers/two_factor_authentication/options_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe TwoFactorAuthentication::OptionsController do
+RSpec.describe TwoFactorAuthentication::OptionsController do
   describe '#index' do
     it 'renders the page' do
       sign_in_before_2fa
diff --git a/spec/controllers/two_factor_authentication/otp_expired_controller_spec.rb b/spec/controllers/two_factor_authentication/otp_expired_controller_spec.rb
index 2e7d7fd07e3..f9999747a38 100644
--- a/spec/controllers/two_factor_authentication/otp_expired_controller_spec.rb
+++ b/spec/controllers/two_factor_authentication/otp_expired_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe TwoFactorAuthentication::OtpExpiredController do
+RSpec.describe TwoFactorAuthentication::OtpExpiredController do
   let(:direct_otp_sent_at) { Time.zone.now }
   let(:delivery_preference) { 'voice' }
   before do
diff --git a/spec/controllers/two_factor_authentication/otp_verification_controller_spec.rb b/spec/controllers/two_factor_authentication/otp_verification_controller_spec.rb
index cc03c67b446..7624b1a4787 100644
--- a/spec/controllers/two_factor_authentication/otp_verification_controller_spec.rb
+++ b/spec/controllers/two_factor_authentication/otp_verification_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe TwoFactorAuthentication::OtpVerificationController do
+RSpec.describe TwoFactorAuthentication::OtpVerificationController do
   describe '#show' do
     context 'when resource is not fully authenticated yet' do
       before do
diff --git a/spec/controllers/two_factor_authentication/personal_key_verification_controller_spec.rb b/spec/controllers/two_factor_authentication/personal_key_verification_controller_spec.rb
index a3ec63a5570..0b89a067c76 100644
--- a/spec/controllers/two_factor_authentication/personal_key_verification_controller_spec.rb
+++ b/spec/controllers/two_factor_authentication/personal_key_verification_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe TwoFactorAuthentication::PersonalKeyVerificationController do
+RSpec.describe TwoFactorAuthentication::PersonalKeyVerificationController do
   let(:personal_key) { { personal_key: 'foo' } }
   let(:payload) { { personal_key_form: personal_key } }
 
diff --git a/spec/controllers/two_factor_authentication/piv_cac_verification_controller_spec.rb b/spec/controllers/two_factor_authentication/piv_cac_verification_controller_spec.rb
index c15a8f957fa..ba74565d6b6 100644
--- a/spec/controllers/two_factor_authentication/piv_cac_verification_controller_spec.rb
+++ b/spec/controllers/two_factor_authentication/piv_cac_verification_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe TwoFactorAuthentication::PivCacVerificationController do
+RSpec.describe TwoFactorAuthentication::PivCacVerificationController do
   let(:user) do
     create(
       :user, :fully_registered, :with_piv_or_cac,
diff --git a/spec/controllers/two_factor_authentication/totp_verification_controller_spec.rb b/spec/controllers/two_factor_authentication/totp_verification_controller_spec.rb
index 3008b84a875..4069de18470 100644
--- a/spec/controllers/two_factor_authentication/totp_verification_controller_spec.rb
+++ b/spec/controllers/two_factor_authentication/totp_verification_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe TwoFactorAuthentication::TotpVerificationController do
+RSpec.describe TwoFactorAuthentication::TotpVerificationController do
   before do
     stub_analytics
     stub_attempts_tracker
diff --git a/spec/controllers/two_factor_authentication/webauthn_verification_controller_spec.rb b/spec/controllers/two_factor_authentication/webauthn_verification_controller_spec.rb
index edc18df1258..14e621014c5 100644
--- a/spec/controllers/two_factor_authentication/webauthn_verification_controller_spec.rb
+++ b/spec/controllers/two_factor_authentication/webauthn_verification_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe TwoFactorAuthentication::WebauthnVerificationController do
+RSpec.describe TwoFactorAuthentication::WebauthnVerificationController do
   include WebAuthnHelper
 
   describe 'when not signed in' do
diff --git a/spec/controllers/users/authorization_confirmation_controller_spec.rb b/spec/controllers/users/authorization_confirmation_controller_spec.rb
index 4b0c036a462..9512042f3e8 100644
--- a/spec/controllers/users/authorization_confirmation_controller_spec.rb
+++ b/spec/controllers/users/authorization_confirmation_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Users::AuthorizationConfirmationController do
+RSpec.describe Users::AuthorizationConfirmationController do
   let(:user) { create(:user, :fully_registered) }
   let(:sp) { create(:service_provider) }
   let(:issuer) { sp.issuer }
diff --git a/spec/controllers/users/backup_code_setup_controller_spec.rb b/spec/controllers/users/backup_code_setup_controller_spec.rb
index 9254c50458c..d1674d2591a 100644
--- a/spec/controllers/users/backup_code_setup_controller_spec.rb
+++ b/spec/controllers/users/backup_code_setup_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Users::BackupCodeSetupController do
+RSpec.describe Users::BackupCodeSetupController do
   describe 'before_actions' do
     it 'includes appropriate before_actions' do
       expect(subject).to have_actions(
diff --git a/spec/controllers/users/delete_controller_spec.rb b/spec/controllers/users/delete_controller_spec.rb
index 5004e52db02..8cab2b1ffd5 100644
--- a/spec/controllers/users/delete_controller_spec.rb
+++ b/spec/controllers/users/delete_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Users::DeleteController do
+RSpec.describe Users::DeleteController do
   describe '#show' do
     it 'shows and logs a visit' do
       stub_analytics
diff --git a/spec/controllers/users/edit_phone_controller_spec.rb b/spec/controllers/users/edit_phone_controller_spec.rb
index b4e883ecc8f..fb460dfbd84 100644
--- a/spec/controllers/users/edit_phone_controller_spec.rb
+++ b/spec/controllers/users/edit_phone_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Users::EditPhoneController do
+RSpec.describe Users::EditPhoneController do
   describe '#update' do
     let(:user) { create(:user, :fully_registered) }
     let(:phone_configuration) { user.phone_configurations.first }
diff --git a/spec/controllers/users/email_confirmations_controller_spec.rb b/spec/controllers/users/email_confirmations_controller_spec.rb
index 3da7fa06e62..b6495043c2b 100644
--- a/spec/controllers/users/email_confirmations_controller_spec.rb
+++ b/spec/controllers/users/email_confirmations_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Users::EmailConfirmationsController do
+RSpec.describe Users::EmailConfirmationsController do
   describe '#create' do
     describe 'Valid email confirmation tokens' do
       it 'tracks a valid email confirmation token event' do
diff --git a/spec/controllers/users/mfa_selection_controller_spec.rb b/spec/controllers/users/mfa_selection_controller_spec.rb
index 6fb3e06b5c8..c997d4116fe 100644
--- a/spec/controllers/users/mfa_selection_controller_spec.rb
+++ b/spec/controllers/users/mfa_selection_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Users::MfaSelectionController do
+RSpec.describe Users::MfaSelectionController do
   let(:current_sp) { create(:service_provider) }
 
   describe '#index' do
diff --git a/spec/controllers/users/passwords_controller_spec.rb b/spec/controllers/users/passwords_controller_spec.rb
index e23eaaa5b1c..0a251a9ff79 100644
--- a/spec/controllers/users/passwords_controller_spec.rb
+++ b/spec/controllers/users/passwords_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Users::PasswordsController do
+RSpec.describe Users::PasswordsController do
   describe '#update' do
     context 'form returns success' do
       it 'redirects to profile and sends a password change email' do
diff --git a/spec/controllers/users/phone_setup_controller_spec.rb b/spec/controllers/users/phone_setup_controller_spec.rb
index cab01b509bb..5c9410352c5 100644
--- a/spec/controllers/users/phone_setup_controller_spec.rb
+++ b/spec/controllers/users/phone_setup_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Users::PhoneSetupController do
+RSpec.describe Users::PhoneSetupController do
   let(:mfa_selections) { ['voice'] }
   before do
     allow(IdentityConfig.store).to receive(:phone_service_check).and_return(true)
diff --git a/spec/controllers/users/phones_controller_spec.rb b/spec/controllers/users/phones_controller_spec.rb
index f9d7678c67e..91af6cdbbe2 100644
--- a/spec/controllers/users/phones_controller_spec.rb
+++ b/spec/controllers/users/phones_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Users::PhonesController do
+RSpec.describe Users::PhonesController do
   let(:user) { create(:user, :fully_registered, with: { phone: '+1 (202) 555-1234' }) }
   before do
     stub_sign_in(user)
diff --git a/spec/controllers/users/piv_cac_authentication_setup_controller_spec.rb b/spec/controllers/users/piv_cac_authentication_setup_controller_spec.rb
index 138247b2ad3..6cd98834fe5 100644
--- a/spec/controllers/users/piv_cac_authentication_setup_controller_spec.rb
+++ b/spec/controllers/users/piv_cac_authentication_setup_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Users::PivCacAuthenticationSetupController do
+RSpec.describe Users::PivCacAuthenticationSetupController do
   describe 'before_actions' do
     it 'includes appropriate before_actions' do
       expect(subject).to have_actions(
diff --git a/spec/controllers/users/piv_cac_login_controller_spec.rb b/spec/controllers/users/piv_cac_login_controller_spec.rb
index 465c3150542..36eee5da483 100644
--- a/spec/controllers/users/piv_cac_login_controller_spec.rb
+++ b/spec/controllers/users/piv_cac_login_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Users::PivCacLoginController do
+RSpec.describe Users::PivCacLoginController do
   describe 'GET new' do
     before do
       stub_analytics
diff --git a/spec/controllers/users/reset_passwords_controller_spec.rb b/spec/controllers/users/reset_passwords_controller_spec.rb
index e563bf02f79..5ac8325473d 100644
--- a/spec/controllers/users/reset_passwords_controller_spec.rb
+++ b/spec/controllers/users/reset_passwords_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Users::ResetPasswordsController, devise: true do
+RSpec.describe Users::ResetPasswordsController, devise: true do
   let(:password_error_message) do
     t('errors.attributes.password.too_short.other', count: Devise.password_length.first)
   end
diff --git a/spec/controllers/users/sessions_controller_spec.rb b/spec/controllers/users/sessions_controller_spec.rb
index f62cc526563..bd1aa408154 100644
--- a/spec/controllers/users/sessions_controller_spec.rb
+++ b/spec/controllers/users/sessions_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Users::SessionsController, devise: true do
+RSpec.describe Users::SessionsController, devise: true do
   include ActionView::Helpers::DateHelper
   let(:mock_valid_site) { 'http://example.com' }
 
@@ -590,14 +590,12 @@
       it 'tracks page visit, any alert flashes, and the Devise stored location' do
         stub_analytics
         allow(controller).to receive(:flash).and_return(alert: 'hello')
-        allow(controller).to receive(:sign_in_a_b_test_bucket).and_return(:default)
         subject.session['user_return_to'] = mock_valid_site
 
         expect(@analytics).to receive(:track_event).with(
           'Sign in page visited',
           flash: 'hello',
           stored_location: mock_valid_site,
-          sign_in_a_b_test_bucket: :default,
         )
 
         get :new
diff --git a/spec/controllers/users/totp_setup_controller_spec.rb b/spec/controllers/users/totp_setup_controller_spec.rb
index 45796ce1d52..d9aabebb489 100644
--- a/spec/controllers/users/totp_setup_controller_spec.rb
+++ b/spec/controllers/users/totp_setup_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Users::TotpSetupController, devise: true do
+RSpec.describe Users::TotpSetupController, devise: true do
   describe 'before_actions' do
     it 'includes appropriate before_actions' do
       expect(subject).to have_actions(
diff --git a/spec/controllers/users/two_factor_authentication_controller_spec.rb b/spec/controllers/users/two_factor_authentication_controller_spec.rb
index 59f0333303a..d769ca75103 100644
--- a/spec/controllers/users/two_factor_authentication_controller_spec.rb
+++ b/spec/controllers/users/two_factor_authentication_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Users::TwoFactorAuthenticationController do
+RSpec.describe Users::TwoFactorAuthenticationController do
   include ActionView::Helpers::DateHelper
 
   let(:otp_preference_sms) { { otp_delivery_preference: 'sms' } }
diff --git a/spec/controllers/users/two_factor_authentication_setup_controller_spec.rb b/spec/controllers/users/two_factor_authentication_setup_controller_spec.rb
index f2cc84cd59b..155130d97d1 100644
--- a/spec/controllers/users/two_factor_authentication_setup_controller_spec.rb
+++ b/spec/controllers/users/two_factor_authentication_setup_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Users::TwoFactorAuthenticationSetupController do
+RSpec.describe Users::TwoFactorAuthenticationSetupController do
   describe 'GET index' do
     it 'tracks the visit in analytics' do
       stub_sign_in_before_2fa
diff --git a/spec/controllers/users/verify_password_controller_spec.rb b/spec/controllers/users/verify_password_controller_spec.rb
index 55604aa76a5..e8f91720325 100644
--- a/spec/controllers/users/verify_password_controller_spec.rb
+++ b/spec/controllers/users/verify_password_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Users::VerifyPasswordController do
+RSpec.describe Users::VerifyPasswordController do
   let(:key) { 'key' }
   let(:profiles) { [] }
   let(:recovery_hash) { { personal_key: key } }
diff --git a/spec/controllers/users/verify_personal_key_controller_spec.rb b/spec/controllers/users/verify_personal_key_controller_spec.rb
index 2519c659598..bcb30f58338 100644
--- a/spec/controllers/users/verify_personal_key_controller_spec.rb
+++ b/spec/controllers/users/verify_personal_key_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Users::VerifyPersonalKeyController do
+RSpec.describe Users::VerifyPersonalKeyController do
   let(:user) { create(:user, personal_key: personal_key) }
   let!(:profiles) { [] }
   let(:personal_key) { 'key' }
diff --git a/spec/controllers/users/webauthn_setup_controller_spec.rb b/spec/controllers/users/webauthn_setup_controller_spec.rb
index 21ec00bfc60..17337b540b0 100644
--- a/spec/controllers/users/webauthn_setup_controller_spec.rb
+++ b/spec/controllers/users/webauthn_setup_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Users::WebauthnSetupController do
+RSpec.describe Users::WebauthnSetupController do
   include WebAuthnHelper
 
   describe 'before_actions' do
diff --git a/spec/controllers/vendor_outage_controller_spec.rb b/spec/controllers/vendor_outage_controller_spec.rb
index 96f05a342dc..07d879161ac 100644
--- a/spec/controllers/vendor_outage_controller_spec.rb
+++ b/spec/controllers/vendor_outage_controller_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe VendorOutageController do
+RSpec.describe VendorOutageController do
   before do
     stub_analytics
   end
diff --git a/spec/decorators/email_context_spec.rb b/spec/decorators/email_context_spec.rb
index 1e1f0762a92..daae915bcbe 100644
--- a/spec/decorators/email_context_spec.rb
+++ b/spec/decorators/email_context_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe EmailContext do
+RSpec.describe EmailContext do
   let(:user) { create(:user, :fully_registered) }
 
   subject { described_class.new(user) }
diff --git a/spec/decorators/event_decorator_spec.rb b/spec/decorators/event_decorator_spec.rb
index ad3f46a7604..f3816c1ae62 100644
--- a/spec/decorators/event_decorator_spec.rb
+++ b/spec/decorators/event_decorator_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe EventDecorator do
+RSpec.describe EventDecorator do
   let(:event) { build_stubbed(:event, event_type: :email_changed) }
   subject(:decorator) { EventDecorator.new(event) }
 
diff --git a/spec/decorators/mfa_context_spec.rb b/spec/decorators/mfa_context_spec.rb
index 9a3a96e4872..351ebceded8 100644
--- a/spec/decorators/mfa_context_spec.rb
+++ b/spec/decorators/mfa_context_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe MfaContext do
+RSpec.describe MfaContext do
   let(:mfa) { MfaContext.new(user) }
 
   context 'with no user' do
diff --git a/spec/features/accessibility/idv_pages_spec.rb b/spec/features/accessibility/idv_pages_spec.rb
index a17def9927e..71b56e171fd 100644
--- a/spec/features/accessibility/idv_pages_spec.rb
+++ b/spec/features/accessibility/idv_pages_spec.rb
@@ -1,7 +1,7 @@
 require 'rails_helper'
 require 'axe-rspec'
 
-feature 'Accessibility on IDV pages', :js do
+RSpec.feature 'Accessibility on IDV pages', :js do
   describe 'IDV pages' do
     include IdvStepHelper
 
diff --git a/spec/features/accessibility/static_pages_spec.rb b/spec/features/accessibility/static_pages_spec.rb
index 2496a5b2c51..5d79ae1a766 100644
--- a/spec/features/accessibility/static_pages_spec.rb
+++ b/spec/features/accessibility/static_pages_spec.rb
@@ -1,7 +1,7 @@
 require 'rails_helper'
 require 'axe-rspec'
 
-feature 'Accessibility on static pages', :js do
+RSpec.feature 'Accessibility on static pages', :js do
   scenario 'not found page', allow_browser_log: true do
     visit '/non_existent_page'
 
diff --git a/spec/features/accessibility/user_pages_spec.rb b/spec/features/accessibility/user_pages_spec.rb
index 4db16b14c20..d86cf271a55 100644
--- a/spec/features/accessibility/user_pages_spec.rb
+++ b/spec/features/accessibility/user_pages_spec.rb
@@ -1,7 +1,7 @@
 require 'rails_helper'
 require 'axe-rspec'
 
-feature 'Accessibility on pages that require authentication', :js do
+RSpec.feature 'Accessibility on pages that require authentication', :js do
   scenario 'user registration page' do
     email = 'test@example.com'
     sign_up_with(email)
diff --git a/spec/features/accessibility/visitor_pages_spec.rb b/spec/features/accessibility/visitor_pages_spec.rb
index 731de492971..25fb54905b6 100644
--- a/spec/features/accessibility/visitor_pages_spec.rb
+++ b/spec/features/accessibility/visitor_pages_spec.rb
@@ -1,7 +1,7 @@
 require 'rails_helper'
 require 'axe-rspec'
 
-feature 'Accessibility on pages that do not require authentication', :js do
+RSpec.feature 'Accessibility on pages that do not require authentication', :js do
   scenario 'login / root path' do
     visit root_path
 
diff --git a/spec/features/account/backup_codes_spec.rb b/spec/features/account/backup_codes_spec.rb
index ce4e39e47a9..74f1dc1f4da 100644
--- a/spec/features/account/backup_codes_spec.rb
+++ b/spec/features/account/backup_codes_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'Backup codes' do
+RSpec.feature 'Backup codes' do
   before do
     sign_in_and_2fa_user(user)
     visit account_two_factor_authentication_path
diff --git a/spec/features/account/device_spec.rb b/spec/features/account/device_spec.rb
index 81eff133464..0e5a25d77e4 100644
--- a/spec/features/account/device_spec.rb
+++ b/spec/features/account/device_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'Devices' do
+RSpec.describe 'Devices' do
   let(:user) { create(:user, :fully_registered) }
   before do
     user = create(:user, :fully_registered, otp_delivery_preference: 'sms')
diff --git a/spec/features/account/unphishable_badge_spec.rb b/spec/features/account/unphishable_badge_spec.rb
index fe0788dfd9f..75a2413d43e 100644
--- a/spec/features/account/unphishable_badge_spec.rb
+++ b/spec/features/account/unphishable_badge_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'Unphishable account badge' do
+RSpec.feature 'Unphishable account badge' do
   before do
     sign_in_and_2fa_user(user)
   end
diff --git a/spec/features/account_connected_apps_spec.rb b/spec/features/account_connected_apps_spec.rb
index 0611ae2eda5..421587e0d9d 100644
--- a/spec/features/account_connected_apps_spec.rb
+++ b/spec/features/account_connected_apps_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'Account connected applications' do
+RSpec.describe 'Account connected applications' do
   let(:user) { create(:user, :fully_registered, created_at: Time.zone.now - 100.days) }
   let(:identity_with_link) do
     create(
diff --git a/spec/features/account_creation/multiple_browsers_spec.rb b/spec/features/account_creation/multiple_browsers_spec.rb
index 91d37eddc15..7995c447d0f 100644
--- a/spec/features/account_creation/multiple_browsers_spec.rb
+++ b/spec/features/account_creation/multiple_browsers_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'account creation across multiple browsers' do
+RSpec.feature 'account creation across multiple browsers' do
   include SpAuthHelper
   include SamlAuthHelper
 
diff --git a/spec/features/account_creation/sp_return_log_spec.rb b/spec/features/account_creation/sp_return_log_spec.rb
index 1514df607ec..2513b1fda4b 100644
--- a/spec/features/account_creation/sp_return_log_spec.rb
+++ b/spec/features/account_creation/sp_return_log_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'SP return logs' do
+RSpec.feature 'SP return logs' do
   include SamlAuthHelper
 
   let(:email) { 'test@test.com' }
diff --git a/spec/features/account_history_spec.rb b/spec/features/account_history_spec.rb
index 4fff51575a8..77ba5240efc 100644
--- a/spec/features/account_history_spec.rb
+++ b/spec/features/account_history_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'Account history' do
+RSpec.describe 'Account history' do
   let(:user) { create(:user, :fully_registered, created_at: Time.zone.now - 100.days) }
   let(:account_created_event) { create(:event, user: user, created_at: Time.zone.now - 98.days) }
   let(:gpo_mail_sent_event) do
diff --git a/spec/features/account_reset/cancel_request_spec.rb b/spec/features/account_reset/cancel_request_spec.rb
index 198c0630291..a5dc8256b48 100644
--- a/spec/features/account_reset/cancel_request_spec.rb
+++ b/spec/features/account_reset/cancel_request_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'Account Reset Request: Cancellation' do
+RSpec.describe 'Account Reset Request: Cancellation' do
   context 'user cancels from the second email after the request has been granted' do
     it 'cancels the request and does not delete the user', email: true do
       user = create(:user, :fully_registered)
diff --git a/spec/features/account_reset/delete_account_spec.rb b/spec/features/account_reset/delete_account_spec.rb
index 2da988b216d..ed6107670e1 100644
--- a/spec/features/account_reset/delete_account_spec.rb
+++ b/spec/features/account_reset/delete_account_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'Account Reset Request: Delete Account', email: true do
+RSpec.describe 'Account Reset Request: Delete Account', email: true do
   include PushNotificationsHelper
   include OidcAuthHelper
   include IrsAttemptsApiTrackingHelper
diff --git a/spec/features/account_reset/pending_request_spec.rb b/spec/features/account_reset/pending_request_spec.rb
index 66e770351f6..123606c65b2 100644
--- a/spec/features/account_reset/pending_request_spec.rb
+++ b/spec/features/account_reset/pending_request_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'Pending account reset request sign in' do
+RSpec.feature 'Pending account reset request sign in' do
   it 'gives the option to cancel the request on sign in' do
     allow(IdentityConfig.store).to receive(:otp_delivery_blocklist_maxretry).and_return(999)
 
diff --git a/spec/features/device_tracking_spec.rb b/spec/features/device_tracking_spec.rb
index 6b7fa2a6d8d..af02ba5a64b 100644
--- a/spec/features/device_tracking_spec.rb
+++ b/spec/features/device_tracking_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'Device tracking' do
+RSpec.describe 'Device tracking' do
   let(:user) { create(:user, :fully_registered) }
   let(:now) { Time.zone.now }
   let(:device) { create(:device, user: user, last_ip: '4.3.2.1', last_used_at: now) }
diff --git a/spec/features/event_disavowal_spec.rb b/spec/features/event_disavowal_spec.rb
index 2ac7dfccd83..c288683f6b6 100644
--- a/spec/features/event_disavowal_spec.rb
+++ b/spec/features/event_disavowal_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'disavowing an action' do
+RSpec.feature 'disavowing an action' do
   let(:user) { create(:user, :fully_registered, :with_personal_key) }
 
   scenario 'disavowing a password reset' do
diff --git a/spec/features/ialmax/saml_sign_in_spec.rb b/spec/features/ialmax/saml_sign_in_spec.rb
index 412431c201a..cf6aa2a6545 100644
--- a/spec/features/ialmax/saml_sign_in_spec.rb
+++ b/spec/features/ialmax/saml_sign_in_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'SAML IALMAX sign in' do
+RSpec.feature 'SAML IALMAX sign in' do
   include SamlAuthHelper
 
   context 'with an ial2 SP' do
diff --git a/spec/features/idv/account_creation_spec.rb b/spec/features/idv/account_creation_spec.rb
index 58c1104349e..76bf8d6fc12 100644
--- a/spec/features/idv/account_creation_spec.rb
+++ b/spec/features/idv/account_creation_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'IAL2 account creation' do
+RSpec.describe 'IAL2 account creation' do
   include IdvHelper
   include DocAuthHelper
   include SamlAuthHelper
diff --git a/spec/features/idv/actions/cancel_link_sent_action_spec.rb b/spec/features/idv/actions/cancel_link_sent_action_spec.rb
index dbeae7f3cb6..c328ed27008 100644
--- a/spec/features/idv/actions/cancel_link_sent_action_spec.rb
+++ b/spec/features/idv/actions/cancel_link_sent_action_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'doc auth cancel link sent action' do
+RSpec.feature 'doc auth cancel link sent action' do
   include IdvStepHelper
   include DocAuthHelper
 
@@ -9,9 +9,9 @@
     complete_doc_auth_steps_before_link_sent_step
   end
 
-  it 'returns to link sent step' do
+  it 'returns to hybrid_handoff step' do
     click_doc_auth_back_link
 
-    expect(page).to have_current_path(idv_hybrid_handoff_path)
+    expect(page).to have_current_path(idv_hybrid_handoff_path, ignore_query: true)
   end
 end
diff --git a/spec/features/idv/actions/redo_document_capture_action_spec.rb b/spec/features/idv/actions/redo_document_capture_action_spec.rb
index 8b829a5d7ad..bc805abde0c 100644
--- a/spec/features/idv/actions/redo_document_capture_action_spec.rb
+++ b/spec/features/idv/actions/redo_document_capture_action_spec.rb
@@ -1,17 +1,31 @@
 require 'rails_helper'
 
-feature 'doc auth redo document capture action', js: true do
+RSpec.feature 'doc auth redo document capture action', js: true do
   include IdvStepHelper
   include DocAuthHelper
 
+  let(:fake_analytics) { FakeAnalytics.new }
+
+  before do
+    allow_any_instance_of(ApplicationController).to receive(:analytics).and_return(fake_analytics)
+  end
+
   context 'when barcode scan returns a warning', allow_browser_log: true do
+    let(:use_bad_ssn) { false }
+
     before do
       sign_in_and_2fa_user
       complete_doc_auth_steps_before_document_capture_step
       mock_doc_auth_attention_with_barcode
       attach_and_submit_images
       click_idv_continue
-      fill_out_ssn_form_with_ssn_that_fails_resolution
+
+      if use_bad_ssn
+        fill_out_ssn_form_with_ssn_that_fails_resolution
+      else
+        fill_out_ssn_form_ok
+      end
+
       click_idv_continue
     end
 
@@ -28,27 +42,82 @@
       click_link warning_link_text
 
       expect(current_path).to eq(idv_hybrid_handoff_path)
-      complete_upload_step
+      expect(fake_analytics).to have_logged_event(
+        'IdV: doc auth upload visited',
+        hash_including(redo_document_capture: true),
+      )
+      complete_hybrid_handoff_step
+      expect(fake_analytics).to have_logged_event(
+        'IdV: doc auth document_capture visited',
+        hash_including(redo_document_capture: true),
+      )
       DocAuth::Mock::DocAuthMockClient.reset!
       attach_and_submit_images
 
       expect(current_path).to eq(idv_verify_info_path)
       check t('forms.ssn.show')
-      expect(page).to have_content(DocAuthHelper::SSN_THAT_FAILS_RESOLUTION)
+      expect(page).to have_content(DocAuthHelper::GOOD_SSN)
       expect(page).to have_css('[role="status"]')  # We verified your ID
     end
 
-    it 'shows a troubleshooting option to allow the user to cancel and return to SP' do
-      click_idv_continue
+    it 'document capture cannot be reached after submitting verify info step' do
+      warning_link_text = t('doc_auth.headings.capture_scan_warning_link')
 
-      expect(page).to have_link(
-        t('links.cancel'),
-        href: idv_cancel_path,
+      expect(page).to have_css(
+        '[role="status"]',
+        text: t(
+          'doc_auth.headings.capture_scan_warning_html',
+          link: warning_link_text,
+        ).tr(' ', ' '),
       )
+      click_link warning_link_text
+
+      expect(current_path).to eq(idv_hybrid_handoff_path)
+      complete_hybrid_handoff_step
 
-      click_link t('links.cancel')
+      visit idv_verify_info_url
 
-      expect(current_path).to eq(idv_cancel_path)
+      click_idv_continue
+
+      expect(page).to have_current_path(idv_phone_path)
+
+      fill_out_phone_form_fail
+
+      click_idv_send_security_code
+
+      expect(page).to have_content(t('idv.failure.phone.warning.heading'))
+
+      visit idv_url
+      expect(current_path).to eq(idv_phone_path)
+
+      visit idv_hybrid_handoff_url
+      expect(current_path).to eq(idv_phone_path)
+
+      visit idv_document_capture_url
+      expect(current_path).to eq(idv_phone_path)
+
+      visit idv_ssn_url
+      expect(current_path).to eq(idv_phone_path)
+
+      visit idv_verify_info_url
+      expect(current_path).to eq(idv_phone_path)
+    end
+
+    context 'with a bad SSN' do
+      let(:use_bad_ssn) { true }
+
+      it 'shows a troubleshooting option to allow the user to cancel and return to SP' do
+        click_idv_continue
+
+        expect(page).to have_link(
+          t('links.cancel'),
+          href: idv_cancel_path,
+        )
+
+        click_link t('links.cancel')
+
+        expect(current_path).to eq(idv_cancel_path)
+      end
     end
 
     context 'on mobile', driver: :headless_chrome_mobile do
@@ -65,12 +134,16 @@
         click_link warning_link_text
 
         expect(current_path).to eq(idv_document_capture_path)
+        expect(fake_analytics).to have_logged_event(
+          'IdV: doc auth document_capture visited',
+          hash_including(redo_document_capture: true),
+        )
         DocAuth::Mock::DocAuthMockClient.reset!
         attach_and_submit_images
 
         expect(current_path).to eq(idv_verify_info_path)
         check t('forms.ssn.show')
-        expect(page).to have_content(DocAuthHelper::SSN_THAT_FAILS_RESOLUTION)
+        expect(page).to have_content(DocAuthHelper::GOOD_SSN)
         expect(page).to have_css('[role="status"]') # We verified your ID
       end
     end
diff --git a/spec/features/idv/analytics_spec.rb b/spec/features/idv/analytics_spec.rb
index 7eaa143066e..bd00c560198 100644
--- a/spec/features/idv/analytics_spec.rb
+++ b/spec/features/idv/analytics_spec.rb
@@ -1,7 +1,7 @@
 require 'rails_helper'
 require 'csv'
 
-feature 'Analytics Regression', js: true do
+RSpec.feature 'Analytics Regression', js: true do
   include IdvStepHelper
   include InPersonHelper
 
@@ -139,7 +139,7 @@
       visit_idp_from_sp_with_ial2(:oidc)
       complete_welcome_step
       complete_agreement_step
-      complete_upload_step
+      complete_hybrid_handoff_step
       complete_document_capture_step
       complete_ssn_step
       complete_verify_step
@@ -174,7 +174,7 @@
       visit_idp_from_sp_with_ial2(:oidc)
       complete_welcome_step
       complete_agreement_step
-      complete_upload_step
+      complete_hybrid_handoff_step
       complete_document_capture_step
       complete_ssn_step
       complete_verify_step
diff --git a/spec/features/idv/cancel_spec.rb b/spec/features/idv/cancel_spec.rb
index f1679f031e9..32cd6c7169f 100644
--- a/spec/features/idv/cancel_spec.rb
+++ b/spec/features/idv/cancel_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'cancel IdV' do
+RSpec.describe 'cancel IdV' do
   include IdvStepHelper
   include DocAuthHelper
   include InteractionHelper
@@ -82,7 +82,7 @@
   context 'when user has recorded proofing components' do
     before do
       complete_agreement_step
-      complete_upload_step
+      complete_hybrid_handoff_step
       complete_document_capture_step
     end
 
diff --git a/spec/features/idv/clearing_and_restarting_spec.rb b/spec/features/idv/clearing_and_restarting_spec.rb
index 6de48def5ba..6a7e2a36f7e 100644
--- a/spec/features/idv/clearing_and_restarting_spec.rb
+++ b/spec/features/idv/clearing_and_restarting_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'clearing IdV and restarting' do
+RSpec.describe 'clearing IdV and restarting' do
   include IdvStepHelper
 
   let(:user) { user_with_2fa }
diff --git a/spec/features/idv/confirm_start_over_spec.rb b/spec/features/idv/confirm_start_over_spec.rb
index 94abf5bfb7f..3b6df904be5 100644
--- a/spec/features/idv/confirm_start_over_spec.rb
+++ b/spec/features/idv/confirm_start_over_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'idv gpo confirm start over', js: true do
+RSpec.feature 'idv gpo confirm start over', js: true do
   include IdvStepHelper
   include DocAuthHelper
 
diff --git a/spec/features/idv/doc_auth/address_step_spec.rb b/spec/features/idv/doc_auth/address_step_spec.rb
index 62d36a3f4cc..46b54f456f1 100644
--- a/spec/features/idv/doc_auth/address_step_spec.rb
+++ b/spec/features/idv/doc_auth/address_step_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'doc auth verify step', :js do
+RSpec.feature 'doc auth verify step', :js do
   include IdvStepHelper
   include DocAuthHelper
 
diff --git a/spec/features/idv/doc_auth/agreement_spec.rb b/spec/features/idv/doc_auth/agreement_spec.rb
new file mode 100644
index 00000000000..cb941a3d10d
--- /dev/null
+++ b/spec/features/idv/doc_auth/agreement_spec.rb
@@ -0,0 +1,70 @@
+require 'rails_helper'
+
+RSpec.feature 'doc auth agreement step' do
+  include DocAuthHelper
+
+  before do
+    allow(IdentityConfig.store).to receive(:doc_auth_agreement_controller_enabled).
+      and_return(true)
+  end
+
+  context 'when JS is enabled', :js do
+    before do
+      sign_in_and_2fa_user
+      complete_doc_auth_steps_before_agreement_step
+    end
+
+    it 'shows an inline error if the user clicks continue without giving consent' do
+      expect(page).to have_content(t('step_indicator.flows.idv.getting_started'))
+      click_continue
+
+      expect(page).to have_current_path(idv_agreement_url)
+      expect(page).to have_content(t('forms.validation.required_checkbox'))
+    end
+
+    it 'allows the user to continue after checking the checkbox' do
+      check t('doc_auth.instructions.consent', app_name: APP_NAME)
+      click_continue
+
+      expect(page).to have_current_path(idv_hybrid_handoff_path)
+    end
+  end
+
+  context 'when JS is disabled' do
+    before do
+      sign_in_and_2fa_user
+      complete_doc_auth_steps_before_agreement_step
+    end
+
+    it 'shows the notice if the user clicks continue without giving consent' do
+      click_continue
+
+      expect(page).to have_current_path(idv_agreement_url)
+      expect(page).to have_content(t('errors.doc_auth.consent_form'))
+    end
+
+    it 'allows the user to continue after checking the checkbox' do
+      check t('doc_auth.instructions.consent', app_name: APP_NAME)
+      click_continue
+
+      expect(page).to have_current_path(idv_hybrid_handoff_path)
+    end
+  end
+
+  context 'skipping hybrid_handoff step', :js, driver: :headless_chrome_mobile do
+    let(:fake_analytics) { FakeAnalytics.new }
+
+    before do
+      allow_any_instance_of(ApplicationController).
+        to receive(:analytics).and_return(fake_analytics)
+
+      sign_in_and_2fa_user
+      complete_doc_auth_steps_before_agreement_step
+      complete_agreement_step
+    end
+
+    it 'progresses to document capture' do
+      expect(page).to have_current_path(idv_document_capture_url)
+    end
+  end
+end
diff --git a/spec/features/idv/doc_auth/agreement_step_spec.rb b/spec/features/idv/doc_auth/agreement_step_spec.rb
index f73327bea8d..3e3c9d92353 100644
--- a/spec/features/idv/doc_auth/agreement_step_spec.rb
+++ b/spec/features/idv/doc_auth/agreement_step_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'doc auth agreement step' do
+RSpec.feature 'doc auth agreement step' do
   include DocAuthHelper
 
   def expect_doc_auth_first_step
diff --git a/spec/features/idv/doc_auth/document_capture_spec.rb b/spec/features/idv/doc_auth/document_capture_spec.rb
index c8eee9ed589..04e2ac9b3e3 100644
--- a/spec/features/idv/doc_auth/document_capture_spec.rb
+++ b/spec/features/idv/doc_auth/document_capture_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'doc auth document capture step', :js do
+RSpec.feature 'doc auth document capture step', :js do
   include IdvStepHelper
   include DocAuthHelper
   include ActionView::Helpers::DateHelper
diff --git a/spec/features/idv/doc_auth/hybrid_handoff_spec.rb b/spec/features/idv/doc_auth/hybrid_handoff_spec.rb
index 30c8cdc8f90..ec7a0019166 100644
--- a/spec/features/idv/doc_auth/hybrid_handoff_spec.rb
+++ b/spec/features/idv/doc_auth/hybrid_handoff_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'doc auth hybrid_handoff step' do
+RSpec.feature 'doc auth hybrid_handoff step' do
   include IdvStepHelper
   include DocAuthHelper
   include ActionView::Helpers::DateHelper
@@ -33,7 +33,7 @@
 
   context 'on a desktop device' do
     before do
-      complete_doc_auth_steps_before_upload_step
+      complete_doc_auth_steps_before_hybrid_handoff_step
       allow_any_instance_of(
         Idv::HybridHandoffController,
       ).to receive(
@@ -170,7 +170,7 @@
     it 'throttles sending the link' do
       user = user_with_2fa
       sign_in_and_2fa_user(user)
-      complete_doc_auth_steps_before_upload_step
+      complete_doc_auth_steps_before_hybrid_handoff_step
       timeout = distance_of_time_in_words(
         Throttle.attempt_window_in_minutes(:idv_send_link).minutes,
       )
diff --git a/spec/features/idv/doc_auth/link_sent_spec.rb b/spec/features/idv/doc_auth/link_sent_spec.rb
index 406aab2e3c4..14dd57e111d 100644
--- a/spec/features/idv/doc_auth/link_sent_spec.rb
+++ b/spec/features/idv/doc_auth/link_sent_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'doc auth link sent step' do
+RSpec.feature 'doc auth link sent step' do
   include IdvStepHelper
   include DocAuthHelper
   include DocCaptureHelper
@@ -13,7 +13,7 @@
       to(receive(:doc_capture_polling_enabled?).and_return(false))
 
     user
-    complete_doc_auth_steps_before_upload_step
+    complete_doc_auth_steps_before_hybrid_handoff_step
     clear_and_fill_in(:doc_auth_phone, phone_number)
     click_send_link
   end
diff --git a/spec/features/idv/doc_auth/ssn_step_spec.rb b/spec/features/idv/doc_auth/ssn_step_spec.rb
index 6bb05ad4506..1862aba7b98 100644
--- a/spec/features/idv/doc_auth/ssn_step_spec.rb
+++ b/spec/features/idv/doc_auth/ssn_step_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'doc auth ssn step', :js do
+RSpec.feature 'doc auth ssn step', :js do
   include IdvStepHelper
   include DocAuthHelper
   include DocCaptureHelper
diff --git a/spec/features/idv/doc_auth/test_credentials_spec.rb b/spec/features/idv/doc_auth/test_credentials_spec.rb
index c4ea0c9f0c5..8bdc98a0bd2 100644
--- a/spec/features/idv/doc_auth/test_credentials_spec.rb
+++ b/spec/features/idv/doc_auth/test_credentials_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'doc auth test credentials', :js do
+RSpec.feature 'doc auth test credentials', :js do
   include IdvStepHelper
   include DocAuthHelper
 
diff --git a/spec/features/idv/doc_auth/verify_info_step_spec.rb b/spec/features/idv/doc_auth/verify_info_step_spec.rb
index 54d73395bdd..b0c9d7b0707 100644
--- a/spec/features/idv/doc_auth/verify_info_step_spec.rb
+++ b/spec/features/idv/doc_auth/verify_info_step_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'doc auth verify_info step', :js do
+RSpec.feature 'doc auth verify_info step', :js do
   include IdvStepHelper
   include DocAuthHelper
 
diff --git a/spec/features/idv/doc_auth/welcome_step_spec.rb b/spec/features/idv/doc_auth/welcome_step_spec.rb
index 3c3d4910213..bb3a735830d 100644
--- a/spec/features/idv/doc_auth/welcome_step_spec.rb
+++ b/spec/features/idv/doc_auth/welcome_step_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'doc auth welcome step' do
+RSpec.feature 'doc auth welcome step' do
   include IdvHelper
   include DocAuthHelper
 
diff --git a/spec/features/idv/gpo_disabled_spec.rb b/spec/features/idv/gpo_disabled_spec.rb
index 4e5d378c953..ba63a1a8912 100644
--- a/spec/features/idv/gpo_disabled_spec.rb
+++ b/spec/features/idv/gpo_disabled_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'disabling GPO address verification' do
+RSpec.feature 'disabling GPO address verification' do
   include IdvStepHelper
 
   context 'with GPO address verification disabled' do
diff --git a/spec/features/idv/hybrid_mobile/entry_spec.rb b/spec/features/idv/hybrid_mobile/entry_spec.rb
index 4c8b05df314..c7ea02d73da 100644
--- a/spec/features/idv/hybrid_mobile/entry_spec.rb
+++ b/spec/features/idv/hybrid_mobile/entry_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'mobile hybrid flow entry', js: true do
+RSpec.feature 'mobile hybrid flow entry', js: true do
   include IdvStepHelper
 
   let(:link_sent_via_sms) do
@@ -13,7 +13,7 @@
     end
 
     sign_in_and_2fa_user
-    complete_doc_auth_steps_before_upload_step
+    complete_doc_auth_steps_before_hybrid_handoff_step
     click_send_link
 
     link
diff --git a/spec/features/idv/hybrid_mobile/hybrid_mobile_spec.rb b/spec/features/idv/hybrid_mobile/hybrid_mobile_spec.rb
index c7ad3927831..40592cc0333 100644
--- a/spec/features/idv/hybrid_mobile/hybrid_mobile_spec.rb
+++ b/spec/features/idv/hybrid_mobile/hybrid_mobile_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'Hybrid Flow', :allow_net_connect_on_start do
+RSpec.describe 'Hybrid Flow', :allow_net_connect_on_start do
   include IdvHelper
   include IdvStepHelper
   include DocAuthHelper
@@ -23,7 +23,7 @@
 
     perform_in_browser(:desktop) do
       user = sign_in_and_2fa_user
-      complete_doc_auth_steps_before_upload_step
+      complete_doc_auth_steps_before_hybrid_handoff_step
       clear_and_fill_in(:doc_auth_phone, phone_number)
       click_send_link
 
@@ -87,7 +87,7 @@
 
     perform_in_browser(:desktop) do
       user = sign_in_and_2fa_user
-      complete_doc_auth_steps_before_upload_step
+      complete_doc_auth_steps_before_hybrid_handoff_step
       clear_and_fill_in(:doc_auth_phone, phone_number)
       click_send_link
 
diff --git a/spec/features/idv/in_person_spec.rb b/spec/features/idv/in_person_spec.rb
index d5dbbace4d5..84447cffadc 100644
--- a/spec/features/idv/in_person_spec.rb
+++ b/spec/features/idv/in_person_spec.rb
@@ -330,7 +330,7 @@
 
       perform_in_browser(:desktop) do
         user = sign_in_and_2fa_user
-        complete_doc_auth_steps_before_upload_step
+        complete_doc_auth_steps_before_hybrid_handoff_step
         clear_and_fill_in(:doc_auth_phone, '415-555-0199')
         click_send_link
 
diff --git a/spec/features/idv/outage_spec.rb b/spec/features/idv/outage_spec.rb
index 5a5e128543b..f9d032e84f4 100644
--- a/spec/features/idv/outage_spec.rb
+++ b/spec/features/idv/outage_spec.rb
@@ -12,7 +12,7 @@ def sign_in_with_idv_required(user:, sms_or_totp: :sms)
   click_submit_default
 end
 
-feature 'IdV Outage Spec' do
+RSpec.feature 'IdV Outage Spec' do
   include PersonalKeyHelper
   include IdvStepHelper
 
@@ -107,7 +107,7 @@ def sign_in_with_idv_required(user:, sms_or_totp: :sms)
       # Still offer the option for hybrid flow
       expect(current_path).to eq idv_hybrid_handoff_path
 
-      complete_upload_step
+      complete_hybrid_handoff_step
       complete_document_capture_step
       complete_ssn_step
       complete_verify_step
diff --git a/spec/features/idv/phone_input_spec.rb b/spec/features/idv/phone_input_spec.rb
index f9097bb8723..1dfcf9fc3c1 100644
--- a/spec/features/idv/phone_input_spec.rb
+++ b/spec/features/idv/phone_input_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'IdV phone number input', :js do
+RSpec.feature 'IdV phone number input', :js do
   include IdvStepHelper
 
   before do
diff --git a/spec/features/idv/phone_otp_rate_limiting_spec.rb b/spec/features/idv/phone_otp_rate_limiting_spec.rb
index 315e856f1fd..8cf18b2a1e8 100644
--- a/spec/features/idv/phone_otp_rate_limiting_spec.rb
+++ b/spec/features/idv/phone_otp_rate_limiting_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'phone otp rate limiting', :js do
+RSpec.feature 'phone otp rate limiting', :js do
   include IdvStepHelper
 
   let(:user) { user_with_2fa }
diff --git a/spec/features/idv/sp_handoff_spec.rb b/spec/features/idv/sp_handoff_spec.rb
index ebb702737ca..e72e00cdf73 100644
--- a/spec/features/idv/sp_handoff_spec.rb
+++ b/spec/features/idv/sp_handoff_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'IdV SP handoff', :email do
+RSpec.feature 'IdV SP handoff', :email do
   include SamlAuthHelper
   include IdvStepHelper
 
diff --git a/spec/features/idv/sp_requested_attributes_spec.rb b/spec/features/idv/sp_requested_attributes_spec.rb
index f070653f0a6..4140120f3fb 100644
--- a/spec/features/idv/sp_requested_attributes_spec.rb
+++ b/spec/features/idv/sp_requested_attributes_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'sp requested IdV attributes', :email do
+RSpec.feature 'sp requested IdV attributes', :email do
   context 'oidc' do
     it_behaves_like 'sp requesting attributes', :oidc
   end
diff --git a/spec/features/idv/steps/confirmation_step_spec.rb b/spec/features/idv/steps/confirmation_step_spec.rb
index b1da498fe6f..db9f6c44ea4 100644
--- a/spec/features/idv/steps/confirmation_step_spec.rb
+++ b/spec/features/idv/steps/confirmation_step_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'idv confirmation step', js: true do
+RSpec.feature 'idv confirmation step', js: true do
   include IdvStepHelper
 
   let(:sp) { nil }
diff --git a/spec/features/idv/steps/forgot_password_step_spec.rb b/spec/features/idv/steps/forgot_password_step_spec.rb
index 38020c1aeac..e59da115dc2 100644
--- a/spec/features/idv/steps/forgot_password_step_spec.rb
+++ b/spec/features/idv/steps/forgot_password_step_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'forgot password step', :js do
+RSpec.feature 'forgot password step', :js do
   include IdvStepHelper
 
   it 'goes to the forgot password page from the review page' do
diff --git a/spec/features/idv/steps/gpo_otp_verification_step_spec.rb b/spec/features/idv/steps/gpo_otp_verification_step_spec.rb
index 3bf2ad10a48..989882f443a 100644
--- a/spec/features/idv/steps/gpo_otp_verification_step_spec.rb
+++ b/spec/features/idv/steps/gpo_otp_verification_step_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'idv gpo otp verification step' do
+RSpec.feature 'idv gpo otp verification step' do
   include IdvStepHelper
 
   let(:otp) { 'ABC123' }
diff --git a/spec/features/idv/steps/gpo_step_spec.rb b/spec/features/idv/steps/gpo_step_spec.rb
index 81839f8a57d..35b4d400833 100644
--- a/spec/features/idv/steps/gpo_step_spec.rb
+++ b/spec/features/idv/steps/gpo_step_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'idv gpo step', :js do
+RSpec.feature 'idv gpo step', :js do
   include IdvStepHelper
   include OidcAuthHelper
 
diff --git a/spec/features/idv/steps/in_person/state_id_step_spec.rb b/spec/features/idv/steps/in_person/state_id_step_spec.rb
new file mode 100644
index 00000000000..0393e418299
--- /dev/null
+++ b/spec/features/idv/steps/in_person/state_id_step_spec.rb
@@ -0,0 +1,43 @@
+require 'rails_helper'
+
+RSpec.describe 'doc auth IPP state ID step', js: true do
+  include IdvStepHelper
+  include InPersonHelper
+
+  before do
+    allow(IdentityConfig.store).to receive(:in_person_proofing_enabled).and_return(true)
+  end
+
+  context 'capture secondary id is enabled' do
+    before do
+      allow(IdentityConfig.store).
+        to(receive(:in_person_capture_secondary_id_enabled)).
+        and_return(true)
+    end
+
+    it 'validates zip code input', allow_browser_log: true do
+      user = user_with_2fa
+
+      sign_in_and_2fa_user(user)
+      begin_in_person_proofing(user)
+      complete_prepare_step(user)
+      complete_location_step(user)
+      expect(page).to have_current_path(idv_in_person_step_path(step: :state_id), wait: 10)
+      fill_out_state_id_form_ok(double_address_verification: true, same_address_as_id: true)
+      # blank out the zip code field
+      fill_in t('in_person_proofing.form.state_id.zipcode'), with: ''
+      # try to enter invalid input into the zip code field
+      fill_in t('in_person_proofing.form.state_id.zipcode'), with: 'invalid input'
+      expect(page).to have_field(t('in_person_proofing.form.state_id.zipcode'), with: '')
+      # enter valid characters, but invalid length
+      fill_in t('in_person_proofing.form.state_id.zipcode'), with: '123'
+      click_idv_continue
+      expect(page).to have_css('.usa-error-message', text: t('idv.errors.pattern_mismatch.zipcode'))
+      # enter a valid zip and make sure we can continue
+      fill_in t('in_person_proofing.form.state_id.zipcode'), with: '123456789'
+      expect(page).to have_field(t('in_person_proofing.form.state_id.zipcode'), with: '12345-6789')
+      click_idv_continue
+      expect(page).to have_current_path(idv_in_person_step_path(step: :ssn))
+    end
+  end
+end
diff --git a/spec/features/idv/steps/phone_otp_verification_step_spec.rb b/spec/features/idv/steps/phone_otp_verification_step_spec.rb
index 826d03507aa..ad059e713b0 100644
--- a/spec/features/idv/steps/phone_otp_verification_step_spec.rb
+++ b/spec/features/idv/steps/phone_otp_verification_step_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'phone otp verification step spec', :js do
+RSpec.feature 'phone otp verification step spec', :js do
   include IdvStepHelper
 
   it 'requires the user to enter the correct otp before continuing' do
diff --git a/spec/features/idv/steps/phone_step_spec.rb b/spec/features/idv/steps/phone_step_spec.rb
index a7df7a5d88e..f49a42d4d2a 100644
--- a/spec/features/idv/steps/phone_step_spec.rb
+++ b/spec/features/idv/steps/phone_step_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'idv phone step', :js do
+RSpec.feature 'idv phone step', :js do
   include IdvStepHelper
   include IdvHelper
 
diff --git a/spec/features/idv/steps/review_step_spec.rb b/spec/features/idv/steps/review_step_spec.rb
index f781d55951a..99a0ff02841 100644
--- a/spec/features/idv/steps/review_step_spec.rb
+++ b/spec/features/idv/steps/review_step_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'idv review step', :js do
+RSpec.feature 'idv review step', :js do
   include IdvStepHelper
 
   it 'routes to root if not signed in', js: false, driver: :desktop_rack_test do
diff --git a/spec/features/idv/uak_password_spec.rb b/spec/features/idv/uak_password_spec.rb
index e32ee8f0067..61bdbd335ee 100644
--- a/spec/features/idv/uak_password_spec.rb
+++ b/spec/features/idv/uak_password_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'A user with a UAK passwords attempts IdV' do
+RSpec.feature 'A user with a UAK passwords attempts IdV' do
   include IdvStepHelper
 
   it 'allows the user to continue to the SP', js: true do
diff --git a/spec/features/irs_attempts_api/event_tracking_spec.rb b/spec/features/irs_attempts_api/event_tracking_spec.rb
index ff12effe659..3a027125dbf 100644
--- a/spec/features/irs_attempts_api/event_tracking_spec.rb
+++ b/spec/features/irs_attempts_api/event_tracking_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'IRS Attempts API Event Tracking' do
+RSpec.feature 'IRS Attempts API Event Tracking' do
   include OidcAuthHelper
   include IrsAttemptsApiTrackingHelper
 
diff --git a/spec/features/legacy_passwords_spec.rb b/spec/features/legacy_passwords_spec.rb
index f968db44ec2..6bf31512c37 100644
--- a/spec/features/legacy_passwords_spec.rb
+++ b/spec/features/legacy_passwords_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'legacy passwords' do
+RSpec.feature 'legacy passwords' do
   scenario 'signing in with a password digested by the uak verifier updates the digest' do
     user = create(:user, :fully_registered)
     user.update!(
diff --git a/spec/features/load_testing/email_sign_up_spec.rb b/spec/features/load_testing/email_sign_up_spec.rb
index 606ea11050b..62f3d1039de 100644
--- a/spec/features/load_testing/email_sign_up_spec.rb
+++ b/spec/features/load_testing/email_sign_up_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'Email sign up' do
+RSpec.feature 'Email sign up' do
   scenario 'Load testing feature is on' do
     allow(IdentityConfig.store).to receive(:enable_load_testing_mode).and_return(true)
     email = 'test@example.com'
diff --git a/spec/features/multi_factor_authentication/mfa_cta_spec.rb b/spec/features/multi_factor_authentication/mfa_cta_spec.rb
index 48104794d65..6d64285f75c 100644
--- a/spec/features/multi_factor_authentication/mfa_cta_spec.rb
+++ b/spec/features/multi_factor_authentication/mfa_cta_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'mfa cta banner' do
+RSpec.feature 'mfa cta banner' do
   include DocAuthHelper
   include SamlAuthHelper
 
diff --git a/spec/features/multiple_emails/add_email_spec.rb b/spec/features/multiple_emails/add_email_spec.rb
index 7a16fb7bcbd..b58300367c6 100644
--- a/spec/features/multiple_emails/add_email_spec.rb
+++ b/spec/features/multiple_emails/add_email_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'adding email address' do
+RSpec.feature 'adding email address' do
   let(:email) { 'test@test.com' }
 
   it 'allows the user to add an email and confirm with an active session' do
diff --git a/spec/features/multiple_emails/email_management_spec.rb b/spec/features/multiple_emails/email_management_spec.rb
index b622036b929..4018460e401 100644
--- a/spec/features/multiple_emails/email_management_spec.rb
+++ b/spec/features/multiple_emails/email_management_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'managing email address' do
+RSpec.feature 'managing email address' do
   context 'show one email address if only one is configured' do
     scenario 'shows one email address for a user with only one' do
       user = create(:user, :fully_registered, :with_multiple_emails)
diff --git a/spec/features/multiple_emails/reset_password_spec.rb b/spec/features/multiple_emails/reset_password_spec.rb
index 6f032d1d922..443478d8b9e 100644
--- a/spec/features/multiple_emails/reset_password_spec.rb
+++ b/spec/features/multiple_emails/reset_password_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'reset password with multiple emails' do
+RSpec.describe 'reset password with multiple emails' do
   scenario 'it sends the reset instruction to the email the user enters' do
     user = create(:user, :with_multiple_emails)
     email1, email2 = user.reload.email_addresses.map(&:email)
diff --git a/spec/features/multiple_emails/sign_in_spec.rb b/spec/features/multiple_emails/sign_in_spec.rb
index c942cac7839..51e23203758 100644
--- a/spec/features/multiple_emails/sign_in_spec.rb
+++ b/spec/features/multiple_emails/sign_in_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'sign in with any email address' do
+RSpec.feature 'sign in with any email address' do
   scenario 'signing in with any email address' do
     user = create(:user, :fully_registered, :with_multiple_emails)
 
diff --git a/spec/features/multiple_emails/sp_sign_in_spec.rb b/spec/features/multiple_emails/sp_sign_in_spec.rb
index aa7123f4482..5179fe24c74 100644
--- a/spec/features/multiple_emails/sp_sign_in_spec.rb
+++ b/spec/features/multiple_emails/sp_sign_in_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'signing into an SP with multiple emails enabled' do
+RSpec.feature 'signing into an SP with multiple emails enabled' do
   include SamlAuthHelper
 
   context 'with the email scope' do
diff --git a/spec/features/new_device_tracking_spec.rb b/spec/features/new_device_tracking_spec.rb
index 098aff39593..d4a35e0f83a 100644
--- a/spec/features/new_device_tracking_spec.rb
+++ b/spec/features/new_device_tracking_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'New device tracking' do
+RSpec.describe 'New device tracking' do
   include SamlAuthHelper
 
   let(:user) { create(:user, :fully_registered) }
diff --git a/spec/features/openid_connect/authorization_confirmation_spec.rb b/spec/features/openid_connect/authorization_confirmation_spec.rb
index e386c83e8ff..308ed93dade 100644
--- a/spec/features/openid_connect/authorization_confirmation_spec.rb
+++ b/spec/features/openid_connect/authorization_confirmation_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'OIDC Authorization Confirmation' do
+RSpec.feature 'OIDC Authorization Confirmation' do
   include OidcAuthHelper
 
   before do
diff --git a/spec/features/openid_connect/openid_connect_spec.rb b/spec/features/openid_connect/openid_connect_spec.rb
index 50b1e55b19b..bdc22759ba8 100644
--- a/spec/features/openid_connect/openid_connect_spec.rb
+++ b/spec/features/openid_connect/openid_connect_spec.rb
@@ -1,7 +1,7 @@
 require 'rails_helper'
 require 'query_tracker'
 
-describe 'OpenID Connect' do
+RSpec.describe 'OpenID Connect' do
   include IdvHelper
   include OidcAuthHelper
   include DocAuthHelper
diff --git a/spec/features/openid_connect/phishing_resistant_required_spec.rb b/spec/features/openid_connect/phishing_resistant_required_spec.rb
index c22660de7f2..59dae4b2843 100644
--- a/spec/features/openid_connect/phishing_resistant_required_spec.rb
+++ b/spec/features/openid_connect/phishing_resistant_required_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'Phishing-resistant authentication required in an OIDC context' do
+RSpec.describe 'Phishing-resistant authentication required in an OIDC context' do
   include OidcAuthHelper
 
   describe 'OpenID Connect requesting AAL3 authentication' do
diff --git a/spec/features/openid_connect/redirect_uri_validation_spec.rb b/spec/features/openid_connect/redirect_uri_validation_spec.rb
index 258866a17d3..660c4d41217 100644
--- a/spec/features/openid_connect/redirect_uri_validation_spec.rb
+++ b/spec/features/openid_connect/redirect_uri_validation_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'redirect_uri validation' do
+RSpec.describe 'redirect_uri validation' do
   context 'when the redirect_uri in the request does not match one that is registered' do
     it 'displays error instead of branded landing page' do
       visit_idp_from_sp_with_ial1_with_disallowed_redirect_uri
diff --git a/spec/features/phone/add_phone_spec.rb b/spec/features/phone/add_phone_spec.rb
index d450db03a8e..1a3207fc04f 100644
--- a/spec/features/phone/add_phone_spec.rb
+++ b/spec/features/phone/add_phone_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'Add a new phone number' do
+RSpec.describe 'Add a new phone number' do
   scenario 'Adding and confirming a new phone number allows the phone number to be used for MFA' do
     user = create(:user, :fully_registered)
     phone = '+1 (225) 278-1234'
diff --git a/spec/features/phone/confirmation_spec.rb b/spec/features/phone/confirmation_spec.rb
index 5ea3372d6e1..cf3396e32e0 100644
--- a/spec/features/phone/confirmation_spec.rb
+++ b/spec/features/phone/confirmation_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'phone otp confirmation' do
+RSpec.describe 'phone otp confirmation' do
   let(:phone) { '2025551234' }
   let(:formatted_phone) { PhoneFormatter.format(phone) }
 
diff --git a/spec/features/phone/default_phone_selection_spec.rb b/spec/features/phone/default_phone_selection_spec.rb
index e08dd9620c8..4e9297f4174 100644
--- a/spec/features/phone/default_phone_selection_spec.rb
+++ b/spec/features/phone/default_phone_selection_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'default phone selection' do
+RSpec.describe 'default phone selection' do
   let(:user) { create(:user, :with_phone) }
   let(:phone_config2) do
     create(
diff --git a/spec/features/phone/edit_phone_spec.rb b/spec/features/phone/edit_phone_spec.rb
index 87ba28795ad..bf47084f1e1 100644
--- a/spec/features/phone/edit_phone_spec.rb
+++ b/spec/features/phone/edit_phone_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'editing a phone' do
+RSpec.describe 'editing a phone' do
   it 'allows a user to edit one of their phone numbers' do
     user = create(:user, :fully_registered)
     phone_configuration = user.phone_configurations.first
diff --git a/spec/features/phone/rate_limitting_spec.rb b/spec/features/phone/rate_limitting_spec.rb
index 100cdaac3d8..35b83abc602 100644
--- a/spec/features/phone/rate_limitting_spec.rb
+++ b/spec/features/phone/rate_limitting_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'phone rate limitting' do
+RSpec.describe 'phone rate limitting' do
   let(:phone) { '2025551234' }
 
   context 'on sign up' do
diff --git a/spec/features/phone/remove_phone_spec.rb b/spec/features/phone/remove_phone_spec.rb
index 54b4e627416..292dc84e43f 100644
--- a/spec/features/phone/remove_phone_spec.rb
+++ b/spec/features/phone/remove_phone_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'removing a phone number from an account' do
+RSpec.feature 'removing a phone number from an account' do
   scenario 'deleting a phone number' do
     user = create(:user, :fully_registered, :with_piv_or_cac)
     phone_configuration = user.phone_configurations.first
diff --git a/spec/features/remember_device/cookie_expiration_spec.rb b/spec/features/remember_device/cookie_expiration_spec.rb
index cf0ab2378a2..b5ca20f1c93 100644
--- a/spec/features/remember_device/cookie_expiration_spec.rb
+++ b/spec/features/remember_device/cookie_expiration_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'signing in with remember device and closing browser' do
+RSpec.describe 'signing in with remember device and closing browser' do
   include SamlAuthHelper
 
   let(:user) { user_with_2fa }
diff --git a/spec/features/remember_device/phone_spec.rb b/spec/features/remember_device/phone_spec.rb
index dddbb978ef9..0a7ca427469 100644
--- a/spec/features/remember_device/phone_spec.rb
+++ b/spec/features/remember_device/phone_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'Remembering a phone' do
+RSpec.feature 'Remembering a phone' do
   include IdvStepHelper
 
   before do
diff --git a/spec/features/remember_device/revocation_spec.rb b/spec/features/remember_device/revocation_spec.rb
index 8eaa70de513..8a95fdf6792 100644
--- a/spec/features/remember_device/revocation_spec.rb
+++ b/spec/features/remember_device/revocation_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'taking an action that revokes remember device' do
+RSpec.feature 'taking an action that revokes remember device' do
   include NavigationHelper
 
   before do
diff --git a/spec/features/remember_device/session_expiration_spec.rb b/spec/features/remember_device/session_expiration_spec.rb
index 708030d334c..8e003418aee 100644
--- a/spec/features/remember_device/session_expiration_spec.rb
+++ b/spec/features/remember_device/session_expiration_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'signing in with remember device and idling on the sign in page' do
+RSpec.describe 'signing in with remember device and idling on the sign in page' do
   include SamlAuthHelper
 
   it 'redirects to the OIDC SP even though session is deleted' do
diff --git a/spec/features/remember_device/sp_expiration_spec.rb b/spec/features/remember_device/sp_expiration_spec.rb
index d229081ea1c..25514f5f48d 100644
--- a/spec/features/remember_device/sp_expiration_spec.rb
+++ b/spec/features/remember_device/sp_expiration_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-shared_examples 'expiring remember device for an sp config' do |expiration_time, protocol|
+RSpec.shared_examples 'expiring remember device for an sp config' do |expiration_time, protocol|
   before do
     user # Go through the signup flow and remember user before visiting SP
   end
@@ -93,7 +93,7 @@
   end
 end
 
-feature 'remember device sp expiration' do
+RSpec.feature 'remember device sp expiration' do
   include SamlAuthHelper
 
   let(:user) do
diff --git a/spec/features/remember_device/totp_spec.rb b/spec/features/remember_device/totp_spec.rb
index 522efb9b0db..9679edcc9bb 100644
--- a/spec/features/remember_device/totp_spec.rb
+++ b/spec/features/remember_device/totp_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'Remembering a TOTP device' do
+RSpec.describe 'Remembering a TOTP device' do
   before do
     allow(IdentityConfig.store).to receive(:otp_delivery_blocklist_maxretry).and_return(1000)
   end
diff --git a/spec/features/remember_device/user_opted_preference_spec.rb b/spec/features/remember_device/user_opted_preference_spec.rb
index 5628e9c4f03..d051bca7207 100644
--- a/spec/features/remember_device/user_opted_preference_spec.rb
+++ b/spec/features/remember_device/user_opted_preference_spec.rb
@@ -1,7 +1,7 @@
 require 'rails_helper'
 # rubocop:disable Layout/LineLength
 
-describe 'Unchecking remember device' do
+RSpec.describe 'Unchecking remember device' do
   describe '2fa setup' do
     context 'when the 2fa is totp' do
       before do
diff --git a/spec/features/remember_device/webauthn_spec.rb b/spec/features/remember_device/webauthn_spec.rb
index 9256c75e7cf..aeb5ae41b44 100644
--- a/spec/features/remember_device/webauthn_spec.rb
+++ b/spec/features/remember_device/webauthn_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'Remembering a webauthn device' do
+RSpec.describe 'Remembering a webauthn device' do
   include WebAuthnHelper
 
   before do
diff --git a/spec/features/reports/authorization_count_spec.rb b/spec/features/reports/authorization_count_spec.rb
index 6a8434d5363..514067e6797 100644
--- a/spec/features/reports/authorization_count_spec.rb
+++ b/spec/features/reports/authorization_count_spec.rb
@@ -33,7 +33,7 @@ def visit_idp_from_ial2_saml_sp(issuer:)
   )
 end
 
-describe 'authorization count' do
+RSpec.describe 'authorization count' do
   include IdvFromSpHelper
   include OidcAuthHelper
   include DocAuthHelper
diff --git a/spec/features/reports/monthly_gpo_letter_requests_report_spec.rb b/spec/features/reports/monthly_gpo_letter_requests_report_spec.rb
index 83675682396..8498508cd2c 100644
--- a/spec/features/reports/monthly_gpo_letter_requests_report_spec.rb
+++ b/spec/features/reports/monthly_gpo_letter_requests_report_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'Monthly gpo letter requests report' do
+RSpec.feature 'Monthly gpo letter requests report' do
   it 'runs when there are not entries' do
     results_hash = JSON.parse(Reports::MonthlyGpoLetterRequestsReport.new.perform(Time.zone.today))
     expect(results_hash['total_letter_requests']).to eq(0)
diff --git a/spec/features/reports/sp_active_users_report_spec.rb b/spec/features/reports/sp_active_users_report_spec.rb
index 01c394ac597..2064aaa5657 100644
--- a/spec/features/reports/sp_active_users_report_spec.rb
+++ b/spec/features/reports/sp_active_users_report_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'sp active users report' do
+RSpec.feature 'sp active users report' do
   include SamlAuthHelper
   include IdvHelper
 
diff --git a/spec/features/saml/authorization_confirmation_spec.rb b/spec/features/saml/authorization_confirmation_spec.rb
index 7666808c692..269be1ebd93 100644
--- a/spec/features/saml/authorization_confirmation_spec.rb
+++ b/spec/features/saml/authorization_confirmation_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'SAML Authorization Confirmation' do
+RSpec.feature 'SAML Authorization Confirmation' do
   include SamlAuthHelper
 
   before do
diff --git a/spec/features/saml/ial1/account_creation_spec.rb b/spec/features/saml/ial1/account_creation_spec.rb
index 098c4a0e541..34f0d952511 100644
--- a/spec/features/saml/ial1/account_creation_spec.rb
+++ b/spec/features/saml/ial1/account_creation_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'Canceling Account Creation' do
+RSpec.feature 'Canceling Account Creation' do
   include SamlAuthHelper
 
   context 'From the enter email page', email: true do
diff --git a/spec/features/saml/ial1_sso_spec.rb b/spec/features/saml/ial1_sso_spec.rb
index b5d4919b669..479fc166db9 100644
--- a/spec/features/saml/ial1_sso_spec.rb
+++ b/spec/features/saml/ial1_sso_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'IAL1 Single Sign On' do
+RSpec.feature 'IAL1 Single Sign On' do
   include SamlAuthHelper
 
   context 'First time registration', email: true do
@@ -83,7 +83,7 @@
       Warden.on_next_request do |proxy|
         proxy.env['devise.skip_trackable'] = true
         session = proxy.env['rack.session']
-        session['session_expires_at'] = Time.zone.now - 1
+        session['warden.user.user.session']['last_request_at'] = 30.minutes.ago.to_i
       end
 
       expect(page).to have_current_path(new_user_session_path(request_id: sp_request_id), wait: 5)
diff --git a/spec/features/saml/ial2_sso_spec.rb b/spec/features/saml/ial2_sso_spec.rb
index 682293d25ad..b146b17e97d 100644
--- a/spec/features/saml/ial2_sso_spec.rb
+++ b/spec/features/saml/ial2_sso_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'IAL2 Single Sign On' do
+RSpec.feature 'IAL2 Single Sign On' do
   include SamlAuthHelper
   include IdvStepHelper
   include DocAuthHelper
diff --git a/spec/features/saml/multiple_endpoints_spec.rb b/spec/features/saml/multiple_endpoints_spec.rb
index 2a998579a32..f697730c730 100644
--- a/spec/features/saml/multiple_endpoints_spec.rb
+++ b/spec/features/saml/multiple_endpoints_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'multiple saml endpoints' do
+RSpec.describe 'multiple saml endpoints' do
   include SamlAuthHelper
   include IdvHelper
 
diff --git a/spec/features/saml/phishing_resistant_required_spec.rb b/spec/features/saml/phishing_resistant_required_spec.rb
index 6e29d8c4f1b..a2788362651 100644
--- a/spec/features/saml/phishing_resistant_required_spec.rb
+++ b/spec/features/saml/phishing_resistant_required_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'Phishing-resistant authentication required in an SAML context' do
+RSpec.describe 'Phishing-resistant authentication required in an SAML context' do
   include SamlAuthHelper
 
   describe 'SAML ServiceProvider requesting phishing-resistant authentication' do
diff --git a/spec/features/saml/redirect_uri_validation_spec.rb b/spec/features/saml/redirect_uri_validation_spec.rb
index 86d3b6102bf..cba31a0b8b9 100644
--- a/spec/features/saml/redirect_uri_validation_spec.rb
+++ b/spec/features/saml/redirect_uri_validation_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'redirect_uri validation' do
+RSpec.describe 'redirect_uri validation' do
   include SamlAuthHelper
 
   context 'when redirect_uri param is included in SAML request' do
diff --git a/spec/features/saml/saml_logout_spec.rb b/spec/features/saml/saml_logout_spec.rb
index f06e5e49e3a..ec897261769 100644
--- a/spec/features/saml/saml_logout_spec.rb
+++ b/spec/features/saml/saml_logout_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'SAML logout' do
+RSpec.feature 'SAML logout' do
   include SamlAuthHelper
 
   let(:user) { create(:user, :fully_registered) }
diff --git a/spec/features/saml/saml_relay_state_spec.rb b/spec/features/saml/saml_relay_state_spec.rb
index 2bed4d0733a..4c4293d78ca 100644
--- a/spec/features/saml/saml_relay_state_spec.rb
+++ b/spec/features/saml/saml_relay_state_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'SAML RelayState' do
+RSpec.feature 'SAML RelayState' do
   include SamlAuthHelper
 
   context 'when RelayState is passed in authn request' do
diff --git a/spec/features/saml/saml_spec.rb b/spec/features/saml/saml_spec.rb
index 78d39cd729d..2e155ee2c23 100644
--- a/spec/features/saml/saml_spec.rb
+++ b/spec/features/saml/saml_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'saml api' do
+RSpec.feature 'saml api' do
   include SamlAuthHelper
   include IdvHelper
 
diff --git a/spec/features/session/decryption_spec.rb b/spec/features/session/decryption_spec.rb
index 13db76bc3a4..6e63e80a5d1 100644
--- a/spec/features/session/decryption_spec.rb
+++ b/spec/features/session/decryption_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'Session decryption' do
+RSpec.feature 'Session decryption' do
   context 'when there is a session decryption error' do
     it 'should raise an error and log the user out' do
       sign_in_and_2fa_user
diff --git a/spec/features/session/timeout_spec.rb b/spec/features/session/timeout_spec.rb
index 2ba368b4e2d..789db94b387 100644
--- a/spec/features/session/timeout_spec.rb
+++ b/spec/features/session/timeout_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'Session Timeout' do
+RSpec.feature 'Session Timeout' do
   context 'when SP info no longer in session but request_id params exists' do
     it 'preserves the branded experience' do
       issuer = 'http://localhost:3000'
diff --git a/spec/features/sign_in/banned_users_spec.rb b/spec/features/sign_in/banned_users_spec.rb
index 871fe787a2b..57d473ff161 100644
--- a/spec/features/sign_in/banned_users_spec.rb
+++ b/spec/features/sign_in/banned_users_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'Banning users for an SP' do
+RSpec.feature 'Banning users for an SP' do
   include SamlAuthHelper
 
   context 'a user is banned from all SPs' do
diff --git a/spec/features/sign_in/remember_device_default_spec.rb b/spec/features/sign_in/remember_device_default_spec.rb
index d4485c735bf..eb6d9ce1e9e 100644
--- a/spec/features/sign_in/remember_device_default_spec.rb
+++ b/spec/features/sign_in/remember_device_default_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'Remember device checkbox' do
+RSpec.describe 'Remember device checkbox' do
   include SamlAuthHelper
 
   context 'when the user signs in and arrives at the 2FA page' do
diff --git a/spec/features/sign_in/sp_return_log_spec.rb b/spec/features/sign_in/sp_return_log_spec.rb
index 767b9e8a2d2..93e7b185515 100644
--- a/spec/features/sign_in/sp_return_log_spec.rb
+++ b/spec/features/sign_in/sp_return_log_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'SP return logs' do
+RSpec.feature 'SP return logs' do
   include SamlAuthHelper
 
   it 'updates user id after user authenticates so we can track any user back to issuer', :email do
diff --git a/spec/features/sign_in/two_factor_options_spec.rb b/spec/features/sign_in/two_factor_options_spec.rb
index 79b6b5be6a7..2f3f0cb9e3c 100644
--- a/spec/features/sign_in/two_factor_options_spec.rb
+++ b/spec/features/sign_in/two_factor_options_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'when using PIV/CAC to sign in' do
+RSpec.describe 'when using PIV/CAC to sign in' do
   let(:user) { user_with_piv_cac }
 
   it 'does not show any MFA options' do
@@ -9,7 +9,7 @@
   end
 end
 
-describe '2FA options when signing in' do
+RSpec.describe '2FA options when signing in' do
   context 'when the user only has SMS configured' do
     it 'only displays SMS and Voice' do
       user = create(:user, :fully_registered, otp_delivery_preference: 'sms')
diff --git a/spec/features/sp_cost_tracking_spec.rb b/spec/features/sp_cost_tracking_spec.rb
index c56a8da1867..2cf84699a8e 100644
--- a/spec/features/sp_cost_tracking_spec.rb
+++ b/spec/features/sp_cost_tracking_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'SP Costing', :email do
+RSpec.feature 'SP Costing', :email do
   include SpAuthHelper
   include SamlAuthHelper
   include IdvHelper
diff --git a/spec/features/two_factor_authentication/backup_code_sign_up_spec.rb b/spec/features/two_factor_authentication/backup_code_sign_up_spec.rb
index ce01aaeb945..f3ea79462f9 100644
--- a/spec/features/two_factor_authentication/backup_code_sign_up_spec.rb
+++ b/spec/features/two_factor_authentication/backup_code_sign_up_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'sign up with backup code' do
+RSpec.feature 'sign up with backup code' do
   include DocAuthHelper
   include SamlAuthHelper
 
diff --git a/spec/features/two_factor_authentication/change_factor_spec.rb b/spec/features/two_factor_authentication/change_factor_spec.rb
index ef851abf78f..0c17a8cea95 100644
--- a/spec/features/two_factor_authentication/change_factor_spec.rb
+++ b/spec/features/two_factor_authentication/change_factor_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'Changing authentication factor' do
+RSpec.feature 'Changing authentication factor' do
   describe 'requires re-authenticating' do
     let(:user) { sign_up_and_2fa_ial1_user }
 
diff --git a/spec/features/two_factor_authentication/multiple_mfa_sign_up_spec.rb b/spec/features/two_factor_authentication/multiple_mfa_sign_up_spec.rb
index 0c219d059a6..2b36b87f275 100644
--- a/spec/features/two_factor_authentication/multiple_mfa_sign_up_spec.rb
+++ b/spec/features/two_factor_authentication/multiple_mfa_sign_up_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'Multi Two Factor Authentication' do
+RSpec.feature 'Multi Two Factor Authentication' do
   describe 'When the user has not set up 2FA' do
     scenario 'user can set up 2 MFA methods properly' do
       sign_in_before_2fa
diff --git a/spec/features/two_factor_authentication/multiple_tabs_spec.rb b/spec/features/two_factor_authentication/multiple_tabs_spec.rb
index 0593d891557..f8bb55bdef0 100644
--- a/spec/features/two_factor_authentication/multiple_tabs_spec.rb
+++ b/spec/features/two_factor_authentication/multiple_tabs_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'user interacts with 2FA across multiple browser tabs' do
+RSpec.feature 'user interacts with 2FA across multiple browser tabs' do
   include SpAuthHelper
   include SamlAuthHelper
 
diff --git a/spec/features/two_factor_authentication/sign_in_spec.rb b/spec/features/two_factor_authentication/sign_in_spec.rb
index d8526e7dc10..2dfa1f4e39f 100644
--- a/spec/features/two_factor_authentication/sign_in_spec.rb
+++ b/spec/features/two_factor_authentication/sign_in_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'Two Factor Authentication' do
+RSpec.feature 'Two Factor Authentication' do
   describe 'When the user has not set up 2FA' do
     scenario 'user is prompted to set up two factor authentication at account creation' do
       user = sign_in_before_2fa
diff --git a/spec/features/two_factor_authentication/sign_in_via_personal_key_spec.rb b/spec/features/two_factor_authentication/sign_in_via_personal_key_spec.rb
index 912037e2dfe..986ef899a32 100644
--- a/spec/features/two_factor_authentication/sign_in_via_personal_key_spec.rb
+++ b/spec/features/two_factor_authentication/sign_in_via_personal_key_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'Signing in via one-time use personal key' do
+RSpec.feature 'Signing in via one-time use personal key' do
   it 'destroys old key, does not offer new one' do
     user = create(
       :user, :fully_registered, :with_phone, :with_personal_key,
diff --git a/spec/features/users/password_recovery_via_recovery_code_spec.rb b/spec/features/users/password_recovery_via_recovery_code_spec.rb
index 6466d7dcad1..8f6dbfc03fd 100644
--- a/spec/features/users/password_recovery_via_recovery_code_spec.rb
+++ b/spec/features/users/password_recovery_via_recovery_code_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'Password recovery via personal key' do
+RSpec.feature 'Password recovery via personal key' do
   include PersonalKeyHelper
   include IdvStepHelper
   include SamlAuthHelper
diff --git a/spec/features/users/password_reset_with_pending_profile_spec.rb b/spec/features/users/password_reset_with_pending_profile_spec.rb
index 5b6b60154b6..84ab1af904d 100644
--- a/spec/features/users/password_reset_with_pending_profile_spec.rb
+++ b/spec/features/users/password_reset_with_pending_profile_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'reset password with pending profile' do
+RSpec.feature 'reset password with pending profile' do
   include PersonalKeyHelper
 
   let(:user) { create(:user, :fully_registered) }
diff --git a/spec/features/users/piv_cac_management_spec.rb b/spec/features/users/piv_cac_management_spec.rb
index 6489efb5803..eb42aa07787 100644
--- a/spec/features/users/piv_cac_management_spec.rb
+++ b/spec/features/users/piv_cac_management_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'PIV/CAC Management' do
+RSpec.feature 'PIV/CAC Management' do
   def find_form(page, attributes)
     page.all('form').detect do |form|
       attributes.all? { |key, value| form[key] == value }
diff --git a/spec/features/users/regenerate_personal_key_spec.rb b/spec/features/users/regenerate_personal_key_spec.rb
index cfb32335b3b..e89bdd976a3 100644
--- a/spec/features/users/regenerate_personal_key_spec.rb
+++ b/spec/features/users/regenerate_personal_key_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'View personal key' do
+RSpec.feature 'View personal key' do
   include XPathHelper
   include PersonalKeyHelper
   include SamlAuthHelper
diff --git a/spec/features/users/sign_in_irs_spec.rb b/spec/features/users/sign_in_irs_spec.rb
index 8901f81f467..874295bd20a 100644
--- a/spec/features/users/sign_in_irs_spec.rb
+++ b/spec/features/users/sign_in_irs_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'Sign in to the IRS' do
+RSpec.feature 'Sign in to the IRS' do
   before(:all) do
     @original_capyabara_wait = Capybara.default_max_wait_time
     Capybara.default_max_wait_time = 5
diff --git a/spec/features/users/sign_in_spec.rb b/spec/features/users/sign_in_spec.rb
index 68b0d9b16f8..84d902ce34a 100644
--- a/spec/features/users/sign_in_spec.rb
+++ b/spec/features/users/sign_in_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'Sign in' do
+RSpec.feature 'Sign in' do
   include SessionTimeoutWarningHelper
   include ActionView::Helpers::DateHelper
   include PersonalKeyHelper
diff --git a/spec/features/users/sign_out_spec.rb b/spec/features/users/sign_out_spec.rb
index 6d9812d540b..1798dffde9c 100644
--- a/spec/features/users/sign_out_spec.rb
+++ b/spec/features/users/sign_out_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'Sign out' do
+RSpec.feature 'Sign out' do
   scenario 'user signs out successfully' do
     sign_in_and_2fa_user
     click_link(t('links.sign_out'), match: :first)
diff --git a/spec/features/users/sign_up_spec.rb b/spec/features/users/sign_up_spec.rb
index 0d0d84121a4..7544f2ef787 100644
--- a/spec/features/users/sign_up_spec.rb
+++ b/spec/features/users/sign_up_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'Sign Up' do
+RSpec.feature 'Sign Up' do
   include SamlAuthHelper
   include DocAuthHelper
   include ActionView::Helpers::DateHelper
diff --git a/spec/features/users/totp_management_spec.rb b/spec/features/users/totp_management_spec.rb
index 5f9968ea51f..e02c2df3e3d 100644
--- a/spec/features/users/totp_management_spec.rb
+++ b/spec/features/users/totp_management_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'totp management' do
+RSpec.describe 'totp management' do
   context 'when the user has totp enabled' do
     let(:user) { create(:user, :fully_registered, :with_authentication_app) }
 
diff --git a/spec/features/users/user_edit_spec.rb b/spec/features/users/user_edit_spec.rb
index ecd28d8696e..7871d98e970 100644
--- a/spec/features/users/user_edit_spec.rb
+++ b/spec/features/users/user_edit_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'User edit' do
+RSpec.feature 'User edit' do
   let(:user) { create(:user, :fully_registered) }
 
   context 'editing password' do
diff --git a/spec/features/users/user_profile_spec.rb b/spec/features/users/user_profile_spec.rb
index 65404010c36..738198529ac 100644
--- a/spec/features/users/user_profile_spec.rb
+++ b/spec/features/users/user_profile_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'User profile' do
+RSpec.feature 'User profile' do
   include IdvStepHelper
   include NavigationHelper
   include PersonalKeyHelper
diff --git a/spec/features/users/verify_profile_spec.rb b/spec/features/users/verify_profile_spec.rb
index a9e96e1ab0f..4b507337cab 100644
--- a/spec/features/users/verify_profile_spec.rb
+++ b/spec/features/users/verify_profile_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'verify profile with OTP' do
+RSpec.feature 'verify profile with OTP' do
   include IdvStepHelper
 
   let(:user) { create(:user, :fully_registered) }
diff --git a/spec/features/visitors/bad_password_spec.rb b/spec/features/visitors/bad_password_spec.rb
index 11d21de25bb..b562a13a1b7 100644
--- a/spec/features/visitors/bad_password_spec.rb
+++ b/spec/features/visitors/bad_password_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'Visitor signs in with bad passwords and gets locked out' do
+RSpec.feature 'Visitor signs in with bad passwords and gets locked out' do
   let(:bad_email) { 'bad@email.com' }
   let(:bad_password) { 'badpassword' }
 
diff --git a/spec/features/visitors/email_confirmation_spec.rb b/spec/features/visitors/email_confirmation_spec.rb
index 2ff6d1dd96f..c043c69030c 100644
--- a/spec/features/visitors/email_confirmation_spec.rb
+++ b/spec/features/visitors/email_confirmation_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'Email confirmation during sign up' do
+RSpec.feature 'Email confirmation during sign up' do
   scenario 'confirms valid email and sets valid password' do
     allow(IdentityConfig.store).to receive(:participate_in_dap).and_return(true)
     reset_email
diff --git a/spec/features/visitors/email_language_preference_spec.rb b/spec/features/visitors/email_language_preference_spec.rb
new file mode 100644
index 00000000000..cf45ee6d841
--- /dev/null
+++ b/spec/features/visitors/email_language_preference_spec.rb
@@ -0,0 +1,45 @@
+require 'rails_helper'
+
+RSpec.describe 'visitor signs up with email language preference' do
+  it 'defaults to the current locale' do
+    visit sign_up_email_path
+
+    field = page.find_field(
+      t('account.email_language.default', language: t("i18n.locale.#{I18n.default_locale}")),
+    )
+    expect(field).to be_present
+    expect(field[:lang]).to eq(I18n.default_locale.to_s)
+    (I18n.available_locales - [I18n.default_locale]).each do |locale|
+      field = page.find_field(t("i18n.locale.#{locale}"))
+      expect(field).to be_present
+      expect(field[:lang]).to eq(locale.to_s)
+    end
+
+    visit sign_up_email_path(:es)
+
+    field = page.find_field(t('account.email_language.default', language: t('i18n.locale.es')))
+    expect(field).to be_present
+    expect(field[:lang]).to eq('es')
+    (I18n.available_locales - [:es]).each do |locale|
+      field = page.find_field(t("i18n.locale.#{locale}"))
+      expect(field).to be_present
+      expect(field[:lang]).to eq(locale.to_s)
+    end
+  end
+
+  it 'sends emails in the selected language' do
+    email = 'test@example.com'
+
+    visit sign_up_email_path
+    choose t('i18n.locale.es')
+    check t('sign_up.terms', app_name: APP_NAME)
+    fill_in t('forms.registration.labels.email'), with: email
+    click_button t('forms.buttons.submit.default')
+
+    emails = unread_emails_for(email)
+
+    expect(emails.last.subject).to eq(
+      t('user_mailer.email_confirmation_instructions.subject', locale: :es),
+    )
+  end
+end
diff --git a/spec/features/visitors/i18n_spec.rb b/spec/features/visitors/i18n_spec.rb
index d45d0b3a9f6..fea3b984986 100644
--- a/spec/features/visitors/i18n_spec.rb
+++ b/spec/features/visitors/i18n_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'Internationalization' do
+RSpec.feature 'Internationalization' do
   context 'visit homepage with no locale set' do
     it 'displays a header in the default locale' do
       visit root_path
diff --git a/spec/features/visitors/js_disabled_spec.rb b/spec/features/visitors/js_disabled_spec.rb
index d4d6d90dffe..330c39f4da4 100644
--- a/spec/features/visitors/js_disabled_spec.rb
+++ b/spec/features/visitors/js_disabled_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'JavaScript progressive enhancement' do
+RSpec.feature 'JavaScript progressive enhancement' do
   describe 'banner' do
     context 'javascript disabled' do
       it 'displays content visibly' do
diff --git a/spec/features/visitors/navigation_spec.rb b/spec/features/visitors/navigation_spec.rb
index 6e00840557d..86b41b78257 100644
--- a/spec/features/visitors/navigation_spec.rb
+++ b/spec/features/visitors/navigation_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'Navigation links' do
+RSpec.feature 'Navigation links' do
   scenario 'view navigation links' do
     visit root_path
   end
diff --git a/spec/features/visitors/password_recovery_spec.rb b/spec/features/visitors/password_recovery_spec.rb
index f739b79446a..554649423c4 100644
--- a/spec/features/visitors/password_recovery_spec.rb
+++ b/spec/features/visitors/password_recovery_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'Password Recovery' do
+RSpec.feature 'Password Recovery' do
   include IdvHelper
   include PersonalKeyHelper
   include SamlAuthHelper
diff --git a/spec/features/visitors/resend_email_confirmation_spec.rb b/spec/features/visitors/resend_email_confirmation_spec.rb
index ee5f5ef46bd..0a349d8138e 100644
--- a/spec/features/visitors/resend_email_confirmation_spec.rb
+++ b/spec/features/visitors/resend_email_confirmation_spec.rb
@@ -1,7 +1,7 @@
 require 'rails_helper'
 require 'email_spec'
 
-feature 'Visit requests confirmation instructions again during sign up' do
+RSpec.feature 'Visit requests confirmation instructions again during sign up' do
   include(EmailSpec::Helpers)
   include(EmailSpec::Matchers)
 
diff --git a/spec/features/visitors/set_password_spec.rb b/spec/features/visitors/set_password_spec.rb
index 9104344f997..13556b8c812 100644
--- a/spec/features/visitors/set_password_spec.rb
+++ b/spec/features/visitors/set_password_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'Visitor sets password during signup' do
+RSpec.feature 'Visitor sets password during signup' do
   scenario 'visitor is redirected back to password form when password is blank' do
     create(:user, :unconfirmed)
     confirm_last_user
diff --git a/spec/features/visitors/sign_up_with_email_spec.rb b/spec/features/visitors/sign_up_with_email_spec.rb
index 02374412ac4..2df4db05d8e 100644
--- a/spec/features/visitors/sign_up_with_email_spec.rb
+++ b/spec/features/visitors/sign_up_with_email_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'Visitor signs up with email address' do
+RSpec.feature 'Visitor signs up with email address' do
   scenario 'visitor can sign up with valid email address' do
     email = 'test@example.com'
     sign_up_with(email)
diff --git a/spec/features/webauthn/hidden_spec.rb b/spec/features/webauthn/hidden_spec.rb
index 57cef623dd5..76fa1b65823 100644
--- a/spec/features/webauthn/hidden_spec.rb
+++ b/spec/features/webauthn/hidden_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'webauthn hide' do
+RSpec.describe 'webauthn hide' do
   context 'on sign up' do
     context 'with javascript enabled', :js do
       it 'displays the security key option' do
diff --git a/spec/features/webauthn/management_spec.rb b/spec/features/webauthn/management_spec.rb
index 6b4fb55e552..d007f620168 100644
--- a/spec/features/webauthn/management_spec.rb
+++ b/spec/features/webauthn/management_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'webauthn management' do
+RSpec.describe 'webauthn management' do
   include WebAuthnHelper
 
   let(:user) { create(:user, :fully_registered, with: { phone: '+1 202-555-1212' }) }
diff --git a/spec/features/webauthn/sign_in_spec.rb b/spec/features/webauthn/sign_in_spec.rb
index 611724f66b1..723ea04c0fc 100644
--- a/spec/features/webauthn/sign_in_spec.rb
+++ b/spec/features/webauthn/sign_in_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'webauthn sign in' do
+RSpec.feature 'webauthn sign in' do
   include WebAuthnHelper
 
   before do
diff --git a/spec/features/webauthn/sign_up_spec.rb b/spec/features/webauthn/sign_up_spec.rb
index 1770458506d..5bd6a1bffd5 100644
--- a/spec/features/webauthn/sign_up_spec.rb
+++ b/spec/features/webauthn/sign_up_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-feature 'webauthn sign up' do
+RSpec.feature 'webauthn sign up' do
   include OidcAuthHelper
   include WebAuthnHelper
 
diff --git a/spec/forms/backup_code_setup_form_spec.rb b/spec/forms/backup_code_setup_form_spec.rb
index 4979d167ba2..a4199139c0b 100644
--- a/spec/forms/backup_code_setup_form_spec.rb
+++ b/spec/forms/backup_code_setup_form_spec.rb
@@ -1,4 +1,4 @@
 require 'rails_helper'
 
-describe BackupCodeSetupForm do
+RSpec.describe BackupCodeSetupForm do
 end
diff --git a/spec/forms/delete_user_email_form_spec.rb b/spec/forms/delete_user_email_form_spec.rb
index de45c232316..8bc089fa4b6 100644
--- a/spec/forms/delete_user_email_form_spec.rb
+++ b/spec/forms/delete_user_email_form_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe DeleteUserEmailForm do
+RSpec.describe DeleteUserEmailForm do
   describe '#submit' do
     subject(:submit) { form.submit }
 
diff --git a/spec/forms/edit_phone_form_spec.rb b/spec/forms/edit_phone_form_spec.rb
index a19c32912aa..fec67501fde 100644
--- a/spec/forms/edit_phone_form_spec.rb
+++ b/spec/forms/edit_phone_form_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe EditPhoneForm do
+RSpec.describe EditPhoneForm do
   include Shoulda::Matchers::ActiveModel
 
   let(:user) { create(:user, :fully_registered) }
diff --git a/spec/forms/event_disavowal/password_reset_from_disavowal_form_spec.rb b/spec/forms/event_disavowal/password_reset_from_disavowal_form_spec.rb
index 378e6f67028..7d442e98706 100644
--- a/spec/forms/event_disavowal/password_reset_from_disavowal_form_spec.rb
+++ b/spec/forms/event_disavowal/password_reset_from_disavowal_form_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe EventDisavowal::PasswordResetFromDisavowalForm, type: :model do
+RSpec.describe EventDisavowal::PasswordResetFromDisavowalForm, type: :model do
   let(:user) { create(:user, password: 'salty pickles') }
   let(:new_password) { 'saltier pickles' }
   let(:event) { create(:event, user: user) }
diff --git a/spec/forms/gpo_verify_form_spec.rb b/spec/forms/gpo_verify_form_spec.rb
index b49d9c2e93a..6ca604f993c 100644
--- a/spec/forms/gpo_verify_form_spec.rb
+++ b/spec/forms/gpo_verify_form_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe GpoVerifyForm do
+RSpec.describe GpoVerifyForm do
   subject(:form) do
     GpoVerifyForm.new(user: user, pii: applicant, otp: entered_otp)
   end
diff --git a/spec/forms/idv/api_image_upload_form_spec.rb b/spec/forms/idv/api_image_upload_form_spec.rb
index 52120847048..e0622c32076 100644
--- a/spec/forms/idv/api_image_upload_form_spec.rb
+++ b/spec/forms/idv/api_image_upload_form_spec.rb
@@ -1,8 +1,6 @@
 require 'rails_helper'
 
 RSpec.describe Idv::ApiImageUploadForm do
-  include AnalyticsEvents
-
   subject(:form) do
     Idv::ApiImageUploadForm.new(
       ActionController::Parameters.new(
@@ -108,6 +106,38 @@
           user_id: document_capture_session.user.uuid,
           flow_path: anything,
         )
+
+        expect(fake_analytics).to have_logged_event(
+          'IdV: doc auth image upload vendor submitted',
+          async: false,
+          attempts: 1,
+          attention_with_barcode: false,
+          billed: true,
+          client_image_metrics: {
+            back: {
+              height: 20,
+              mimeType: 'image/png',
+              source: 'upload',
+              width: 20,
+            },
+            front: {
+              height: 40,
+              mimeType: 'image/png',
+              source: 'upload',
+              width: 40,
+            },
+          },
+          doc_auth_result: 'Passed',
+          errors: {},
+          exception: nil,
+          flow_path: anything,
+          remaining_attempts: 3,
+          state: 'MT',
+          state_id_type: 'drivers_license',
+          success: true,
+          user_id: document_capture_session.user.uuid,
+          vendor_request_time_in_ms: a_kind_of(Float),
+        )
       end
 
       it 'returns the expected response' do
diff --git a/spec/forms/idv/doc_pii_form_spec.rb b/spec/forms/idv/doc_pii_form_spec.rb
index 5251a9eb18f..b65d54bc72e 100644
--- a/spec/forms/idv/doc_pii_form_spec.rb
+++ b/spec/forms/idv/doc_pii_form_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::DocPiiForm do
+RSpec.describe Idv::DocPiiForm do
   let(:user) { create(:user) }
   let(:subject) { Idv::DocPiiForm.new(pii: pii) }
   let(:valid_dob) { (Time.zone.today - (IdentityConfig.store.idv_min_age_years + 1).years).to_s }
diff --git a/spec/forms/idv/in_person/address_form_spec.rb b/spec/forms/idv/in_person/address_form_spec.rb
index aef7424b8d7..f51daf033e3 100644
--- a/spec/forms/idv/in_person/address_form_spec.rb
+++ b/spec/forms/idv/in_person/address_form_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::InPerson::AddressForm do
+RSpec.describe Idv::InPerson::AddressForm do
   let(:pii) { Idp::Constants::MOCK_IDV_APPLICANT_STATE_ID_ADDRESS }
   context 'test validation for transliteration after form submission' do
     let(:good_params) do
diff --git a/spec/forms/idv/phone_confirmation_otp_verification_form_spec.rb b/spec/forms/idv/phone_confirmation_otp_verification_form_spec.rb
index 6a986c63371..e2bb44aa4ab 100644
--- a/spec/forms/idv/phone_confirmation_otp_verification_form_spec.rb
+++ b/spec/forms/idv/phone_confirmation_otp_verification_form_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::PhoneConfirmationOtpVerificationForm do
+RSpec.describe Idv::PhoneConfirmationOtpVerificationForm do
   let(:user) { create(:user, :fully_registered) }
   let(:phone) { '+1 (225) 555-5000' }
   let(:phone_confirmation_otp_sent_at) { Time.zone.now }
diff --git a/spec/forms/idv/phone_form_spec.rb b/spec/forms/idv/phone_form_spec.rb
index 5aa1db4d47e..d168236f981 100644
--- a/spec/forms/idv/phone_form_spec.rb
+++ b/spec/forms/idv/phone_form_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::PhoneForm do
+RSpec.describe Idv::PhoneForm do
   let(:user) { build_stubbed(:user, :fully_registered) }
   let(:phone) { '703-555-5000' }
   let(:params) { { phone: phone } }
diff --git a/spec/forms/idv/ssn_form_spec.rb b/spec/forms/idv/ssn_form_spec.rb
index 5ae101d403f..e0cf702714d 100644
--- a/spec/forms/idv/ssn_form_spec.rb
+++ b/spec/forms/idv/ssn_form_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::SsnForm do
+RSpec.describe Idv::SsnForm do
   let(:user) { create(:user) }
   let(:subject) { Idv::SsnForm.new(user) }
   let(:ssn) { '111111111' }
diff --git a/spec/forms/idv/ssn_format_form_spec.rb b/spec/forms/idv/ssn_format_form_spec.rb
index 5e9fcaa32b2..b0855ce7581 100644
--- a/spec/forms/idv/ssn_format_form_spec.rb
+++ b/spec/forms/idv/ssn_format_form_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::SsnFormatForm do
+RSpec.describe Idv::SsnFormatForm do
   let(:user) { create(:user) }
   let(:ssn) { '111-11-1111' }
   let(:flow_session) { {} }
diff --git a/spec/forms/idv/state_id_form_spec.rb b/spec/forms/idv/state_id_form_spec.rb
index 30b8142ca27..7cb107f7db5 100644
--- a/spec/forms/idv/state_id_form_spec.rb
+++ b/spec/forms/idv/state_id_form_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::StateIdForm do
+RSpec.describe Idv::StateIdForm do
   let(:subject) { Idv::StateIdForm.new(pii) }
   let(:valid_dob) do
     valid_d = Time.zone.today - IdentityConfig.store.idv_min_age_years.years - 1.day
diff --git a/spec/forms/new_phone_form_spec.rb b/spec/forms/new_phone_form_spec.rb
index 3135bc84dcb..fe90131f6a0 100644
--- a/spec/forms/new_phone_form_spec.rb
+++ b/spec/forms/new_phone_form_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe NewPhoneForm do
+RSpec.describe NewPhoneForm do
   include Shoulda::Matchers::ActiveModel
 
   let(:user) { build(:user, :fully_registered) }
diff --git a/spec/forms/otp_delivery_selection_form_spec.rb b/spec/forms/otp_delivery_selection_form_spec.rb
index f75a966f3df..b6fa0b77fff 100644
--- a/spec/forms/otp_delivery_selection_form_spec.rb
+++ b/spec/forms/otp_delivery_selection_form_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe OtpDeliverySelectionForm do
+RSpec.describe OtpDeliverySelectionForm do
   let(:phone_to_deliver_to) { '+1 (202) 555-1234' }
   subject do
     OtpDeliverySelectionForm.new(
diff --git a/spec/forms/password_form_spec.rb b/spec/forms/password_form_spec.rb
index b1ec0abe7a6..17c6010b6ef 100644
--- a/spec/forms/password_form_spec.rb
+++ b/spec/forms/password_form_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe PasswordForm, type: :model do
+RSpec.describe PasswordForm, type: :model do
   subject(:form) { described_class.new(user) }
   let(:user) { build_stubbed(:user, uuid: '123') }
   let(:password) { 'Valid Password!' }
diff --git a/spec/forms/password_reset_email_form_spec.rb b/spec/forms/password_reset_email_form_spec.rb
index 9f47a673dd3..37a7928afbe 100644
--- a/spec/forms/password_reset_email_form_spec.rb
+++ b/spec/forms/password_reset_email_form_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe PasswordResetEmailForm do
+RSpec.describe PasswordResetEmailForm do
   subject { PasswordResetEmailForm.new(' Test@example.com ') }
 
   it_behaves_like 'email validation'
diff --git a/spec/forms/personal_key_form_spec.rb b/spec/forms/personal_key_form_spec.rb
index 3099cbf3046..8cae7f93211 100644
--- a/spec/forms/personal_key_form_spec.rb
+++ b/spec/forms/personal_key_form_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe PersonalKeyForm do
+RSpec.describe PersonalKeyForm do
   describe '#submit' do
     context 'when the form is valid' do
       it 'returns FormResponse with success: true' do
diff --git a/spec/forms/register_user_email_form_spec.rb b/spec/forms/register_user_email_form_spec.rb
index e9ec1186170..3c571fd3a81 100644
--- a/spec/forms/register_user_email_form_spec.rb
+++ b/spec/forms/register_user_email_form_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe RegisterUserEmailForm do
+RSpec.describe RegisterUserEmailForm do
   let(:analytics) { FakeAnalytics.new }
   let(:attempts_tracker) { IrsAttemptsApiTrackingHelper::FakeAttemptsTracker.new }
   subject { RegisterUserEmailForm.new(analytics: analytics, attempts_tracker: attempts_tracker) }
diff --git a/spec/forms/reset_password_form_spec.rb b/spec/forms/reset_password_form_spec.rb
index 343fc0717a2..22d078d25f6 100644
--- a/spec/forms/reset_password_form_spec.rb
+++ b/spec/forms/reset_password_form_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe ResetPasswordForm, type: :model do
+RSpec.describe ResetPasswordForm, type: :model do
   subject { ResetPasswordForm.new(build_stubbed(:user, uuid: '123')) }
 
   it_behaves_like 'password validation'
diff --git a/spec/forms/totp_setup_form_spec.rb b/spec/forms/totp_setup_form_spec.rb
index a7d0bdc78fe..79a814512d9 100644
--- a/spec/forms/totp_setup_form_spec.rb
+++ b/spec/forms/totp_setup_form_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe TotpSetupForm do
+RSpec.describe TotpSetupForm do
   let(:user) { create(:user) }
   let(:secret) { user.generate_totp_secret }
   let(:code) { generate_totp_code(secret) }
diff --git a/spec/forms/totp_verification_form_spec.rb b/spec/forms/totp_verification_form_spec.rb
index 2e18ac33fc6..8dce35f5a5d 100644
--- a/spec/forms/totp_verification_form_spec.rb
+++ b/spec/forms/totp_verification_form_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe TotpVerificationForm do
+RSpec.describe TotpVerificationForm do
   describe '#submit' do
     context 'when the form is valid' do
       it 'returns FormResponse with success: true' do
diff --git a/spec/forms/two_factor_authentication/phone_deletion_form_spec.rb b/spec/forms/two_factor_authentication/phone_deletion_form_spec.rb
index 06436103544..955e6b6f87e 100644
--- a/spec/forms/two_factor_authentication/phone_deletion_form_spec.rb
+++ b/spec/forms/two_factor_authentication/phone_deletion_form_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe TwoFactorAuthentication::PhoneDeletionForm do
+RSpec.describe TwoFactorAuthentication::PhoneDeletionForm do
   let(:form) { described_class.new(user, configuration) }
 
   describe '#submit' do
diff --git a/spec/forms/two_factor_login_options_form_spec.rb b/spec/forms/two_factor_login_options_form_spec.rb
index b772539e731..69a931f9307 100644
--- a/spec/forms/two_factor_login_options_form_spec.rb
+++ b/spec/forms/two_factor_login_options_form_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe TwoFactorLoginOptionsForm do
+RSpec.describe TwoFactorLoginOptionsForm do
   subject do
     TwoFactorLoginOptionsForm.new(
       build_stubbed(:user),
diff --git a/spec/forms/two_factor_options_form_spec.rb b/spec/forms/two_factor_options_form_spec.rb
index d9268006c95..a03e1685621 100644
--- a/spec/forms/two_factor_options_form_spec.rb
+++ b/spec/forms/two_factor_options_form_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe TwoFactorOptionsForm do
+RSpec.describe TwoFactorOptionsForm do
   let(:user) { build(:user) }
   let(:phishing_resistant_required) { false }
   let(:piv_cac_required) { false }
diff --git a/spec/forms/update_user_password_form_spec.rb b/spec/forms/update_user_password_form_spec.rb
index f745eac0cd9..3ff5ca155b4 100644
--- a/spec/forms/update_user_password_form_spec.rb
+++ b/spec/forms/update_user_password_form_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe UpdateUserPasswordForm, type: :model do
+RSpec.describe UpdateUserPasswordForm, type: :model do
   let(:user) { build(:user, password: 'old strong password') }
   let(:user_session) { {} }
   let(:password) { 'salty new password' }
diff --git a/spec/forms/user_piv_cac_login_form_spec.rb b/spec/forms/user_piv_cac_login_form_spec.rb
index d053383e2e1..8c05c4e6e5d 100644
--- a/spec/forms/user_piv_cac_login_form_spec.rb
+++ b/spec/forms/user_piv_cac_login_form_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe UserPivCacLoginForm do
+RSpec.describe UserPivCacLoginForm do
   let(:user) { create(:user) }
   let(:piv_cac_configuration) do
     create(:piv_cac_configuration, user_id: user.id, x509_dn_uuid: 'random-uuid-for-x509-subject')
diff --git a/spec/forms/user_piv_cac_setup_form_spec.rb b/spec/forms/user_piv_cac_setup_form_spec.rb
index 6e5f4a44fb0..9b2b0871162 100644
--- a/spec/forms/user_piv_cac_setup_form_spec.rb
+++ b/spec/forms/user_piv_cac_setup_form_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe UserPivCacSetupForm do
+RSpec.describe UserPivCacSetupForm do
   let(:form) { described_class.new(user: user, token: token, nonce: nonce, name: 'Card 1') }
 
   let(:nonce) { 'nonce' }
diff --git a/spec/forms/user_piv_cac_verification_form_spec.rb b/spec/forms/user_piv_cac_verification_form_spec.rb
index 695ee7a6333..45967c3663f 100644
--- a/spec/forms/user_piv_cac_verification_form_spec.rb
+++ b/spec/forms/user_piv_cac_verification_form_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe UserPivCacVerificationForm do
+RSpec.describe UserPivCacVerificationForm do
   let(:form) { described_class.new(user: user, token: token, nonce: nonce) }
   let(:user) { create(:user, :with_piv_or_cac) }
   let(:nonce) { 'once' }
diff --git a/spec/forms/verify_password_form_spec.rb b/spec/forms/verify_password_form_spec.rb
index d6c0fbeae10..6d631beeefc 100644
--- a/spec/forms/verify_password_form_spec.rb
+++ b/spec/forms/verify_password_form_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe VerifyPasswordForm, type: :model do
+RSpec.describe VerifyPasswordForm, type: :model do
   describe '#submit' do
     context 'when the form is valid' do
       it 'is successful' do
diff --git a/spec/forms/webauthn_setup_form_spec.rb b/spec/forms/webauthn_setup_form_spec.rb
index e93020aa7ac..2fc99e3a1fe 100644
--- a/spec/forms/webauthn_setup_form_spec.rb
+++ b/spec/forms/webauthn_setup_form_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe WebauthnSetupForm do
+RSpec.describe WebauthnSetupForm do
   include WebAuthnHelper
 
   let(:user) { create(:user) }
diff --git a/spec/forms/webauthn_verification_form_spec.rb b/spec/forms/webauthn_verification_form_spec.rb
index 1760baa1beb..3dcabd0d7ea 100644
--- a/spec/forms/webauthn_verification_form_spec.rb
+++ b/spec/forms/webauthn_verification_form_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe WebauthnVerificationForm do
+RSpec.describe WebauthnVerificationForm do
   include WebAuthnHelper
 
   let(:user) { create(:user) }
diff --git a/spec/forms/webauthn_visit_form_spec.rb b/spec/forms/webauthn_visit_form_spec.rb
index 0a39a37b1c3..a9554e569c0 100644
--- a/spec/forms/webauthn_visit_form_spec.rb
+++ b/spec/forms/webauthn_visit_form_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe WebauthnVisitForm do
+RSpec.describe WebauthnVisitForm do
   let(:user) { build(:user) }
   let(:subject) { WebauthnVisitForm.new(user) }
 
diff --git a/spec/helpers/application_helper_spec.rb b/spec/helpers/application_helper_spec.rb
index 32f2a664ef7..ca004001b72 100644
--- a/spec/helpers/application_helper_spec.rb
+++ b/spec/helpers/application_helper_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe ApplicationHelper do
+RSpec.describe ApplicationHelper do
   describe '#session_with_trust?' do
     context 'no user present' do
       before do
diff --git a/spec/helpers/session_timeout_warning_helper_spec.rb b/spec/helpers/session_timeout_warning_helper_spec.rb
index f2500accc2d..f6ebec301f7 100644
--- a/spec/helpers/session_timeout_warning_helper_spec.rb
+++ b/spec/helpers/session_timeout_warning_helper_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe SessionTimeoutWarningHelper do
+RSpec.describe SessionTimeoutWarningHelper do
   describe '#expires_at' do
     around do |ex|
       freeze_time { ex.run }
@@ -21,10 +21,6 @@
     end
   end
 
-  def time_between_warning_and_timeout
-    IdentityConfig.store.session_timeout_warning_seconds
-  end
-
   describe '#timeout_refresh_path' do
     let(:http_host) { 'example.com' }
     before do
@@ -40,25 +36,24 @@ def time_between_warning_and_timeout
     context 'with no params in the request url' do
       let(:path_info) { '/foo/bar' }
 
-      it 'adds timeout=true params' do
-        expect(helper.timeout_refresh_path).to eq('/foo/bar?timeout=true')
+      it 'adds timeout params' do
+        expect(helper.timeout_refresh_path).to eq('/foo/bar?timeout=form')
       end
     end
 
     context 'with params in the request url' do
       let(:path_info) { '/foo/bar?key=value' }
 
-      it 'adds timeout=true and preserves params' do
-        expect(helper.timeout_refresh_path).to eq('/foo/bar?key=value&timeout=true')
+      it 'adds timeout and preserves params' do
+        expect(helper.timeout_refresh_path).to eq('/foo/bar?key=value&timeout=form')
       end
     end
 
-    context 'with timeout=true and request_id=123 \
-            in the query params already' do
-      let(:path_info) { '/foo/bar?timeout=true&request_id=123' }
+    context 'with timeout and request_id in the query params already' do
+      let(:path_info) { '/foo/bar?timeout=form&request_id=123' }
 
       it 'is the same' do
-        expect(helper.timeout_refresh_path).to eq('/foo/bar?request_id=123&timeout=true')
+        expect(helper.timeout_refresh_path).to eq('/foo/bar?request_id=123&timeout=form')
       end
     end
 
@@ -67,7 +62,7 @@ def time_between_warning_and_timeout
       let(:http_host) { "mTpvPME6'));select pg_sleep(9); --" }
 
       it 'does not blow up' do
-        expect(helper.timeout_refresh_path).to eq('/foo/bar?timeout=true')
+        expect(helper.timeout_refresh_path).to eq('/foo/bar?timeout=form')
       end
     end
 
diff --git a/spec/jobs/reports/deleted_user_accounts_report_spec.rb b/spec/jobs/reports/deleted_user_accounts_report_spec.rb
index cfee9a085b7..a7a81fbc22e 100644
--- a/spec/jobs/reports/deleted_user_accounts_report_spec.rb
+++ b/spec/jobs/reports/deleted_user_accounts_report_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Reports::DeletedUserAccountsReport do
+RSpec.describe Reports::DeletedUserAccountsReport do
   let(:issuer) { 'urn:gov:gsa:openidconnect:sp:sinatra' }
   let(:email) { 'foo@bar.com' }
   let(:name) { 'An SP' }
diff --git a/spec/jobs/reports/sp_active_users_report_spec.rb b/spec/jobs/reports/sp_active_users_report_spec.rb
index 744287037ad..1d2bd2965e0 100644
--- a/spec/jobs/reports/sp_active_users_report_spec.rb
+++ b/spec/jobs/reports/sp_active_users_report_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Reports::SpActiveUsersReport do
+RSpec.describe Reports::SpActiveUsersReport do
   subject { described_class.new }
 
   let(:issuer) { 'foo' }
diff --git a/spec/jobs/reports/total_monthly_auths_report_spec.rb b/spec/jobs/reports/total_monthly_auths_report_spec.rb
index 6010805dd40..b098af15040 100644
--- a/spec/jobs/reports/total_monthly_auths_report_spec.rb
+++ b/spec/jobs/reports/total_monthly_auths_report_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Reports::TotalMonthlyAuthsReport do
+RSpec.describe Reports::TotalMonthlyAuthsReport do
   subject { described_class.new }
 
   let(:issuer) { 'foo' }
diff --git a/spec/jobs/reports/verification_failures_report_spec.rb b/spec/jobs/reports/verification_failures_report_spec.rb
index 6e59db9d48c..640f025771f 100644
--- a/spec/jobs/reports/verification_failures_report_spec.rb
+++ b/spec/jobs/reports/verification_failures_report_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Reports::VerificationFailuresReport do
+RSpec.describe Reports::VerificationFailuresReport do
   let(:issuer) { 'urn:gov:gsa:openidconnect:sp:sinatra' }
   let(:email) { 'foo@bar.com' }
   let(:name) { 'An SP' }
diff --git a/spec/lib/ab_test_bucket_spec.rb b/spec/lib/ab_test_bucket_spec.rb
index 160bc2a4b50..e74940880c6 100644
--- a/spec/lib/ab_test_bucket_spec.rb
+++ b/spec/lib/ab_test_bucket_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe AbTestBucket do
+RSpec.describe AbTestBucket do
   context 'configured with buckets adding up to less than 100 percent' do
     let(:foo_percent) { 30 }
     let(:bar_percent) { 20 }
diff --git a/spec/lib/app_artifacts_spec.rb b/spec/lib/app_artifacts_spec.rb
index 4df950e0f0c..083e01d78cb 100644
--- a/spec/lib/app_artifacts_spec.rb
+++ b/spec/lib/app_artifacts_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe AppArtifacts::Store do
+RSpec.describe AppArtifacts::Store do
   subject(:instance) { AppArtifacts::Store.new }
 
   describe '#add_artifact' do
diff --git a/spec/lib/aws/ses_spec.rb b/spec/lib/aws/ses_spec.rb
index 07ab3fc14cc..f35e251b3a1 100644
--- a/spec/lib/aws/ses_spec.rb
+++ b/spec/lib/aws/ses_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Aws::SES::Base do
+RSpec.describe Aws::SES::Base do
   let(:mail) do
     Mail.new(
       to: 'asdf@example.com',
diff --git a/spec/lib/data_requests/deployed/create_email_addresses_report_spec.rb b/spec/lib/data_requests/deployed/create_email_addresses_report_spec.rb
index b57d8836d3c..1d78fe81018 100644
--- a/spec/lib/data_requests/deployed/create_email_addresses_report_spec.rb
+++ b/spec/lib/data_requests/deployed/create_email_addresses_report_spec.rb
@@ -1,7 +1,7 @@
 require 'rails_helper'
 require 'data_requests/deployed'
 
-describe DataRequests::Deployed::CreateEmailAddressesReport do
+RSpec.describe DataRequests::Deployed::CreateEmailAddressesReport do
   describe '#call' do
     it 'returns an array with hashes representing the users email addresses' do
       user = create(:user)
diff --git a/spec/lib/data_requests/deployed/create_mfa_configurations_report_spec.rb b/spec/lib/data_requests/deployed/create_mfa_configurations_report_spec.rb
index 65c6431ac94..d11712ed2d4 100644
--- a/spec/lib/data_requests/deployed/create_mfa_configurations_report_spec.rb
+++ b/spec/lib/data_requests/deployed/create_mfa_configurations_report_spec.rb
@@ -1,7 +1,7 @@
 require 'rails_helper'
 require 'data_requests/deployed'
 
-describe DataRequests::Deployed::CreateMfaConfigurationsReport do
+RSpec.describe DataRequests::Deployed::CreateMfaConfigurationsReport do
   describe '#call' do
     it 'includes an array for phone numbers' do
       user = create(:user)
diff --git a/spec/lib/data_requests/deployed/create_user_events_report_spec.rb b/spec/lib/data_requests/deployed/create_user_events_report_spec.rb
index fc8c56cd4f1..b96e6a5aa81 100644
--- a/spec/lib/data_requests/deployed/create_user_events_report_spec.rb
+++ b/spec/lib/data_requests/deployed/create_user_events_report_spec.rb
@@ -1,7 +1,7 @@
 require 'rails_helper'
 require 'data_requests/deployed'
 
-describe DataRequests::Deployed::CreateUserEventsReport do
+RSpec.describe DataRequests::Deployed::CreateUserEventsReport do
   describe '#call' do
     it 'returns an array of hashes representing the users events' do
       user = create(:user)
diff --git a/spec/lib/data_requests/deployed/create_user_report_spec.rb b/spec/lib/data_requests/deployed/create_user_report_spec.rb
index a282d769d40..8b66c950bea 100644
--- a/spec/lib/data_requests/deployed/create_user_report_spec.rb
+++ b/spec/lib/data_requests/deployed/create_user_report_spec.rb
@@ -1,7 +1,7 @@
 require 'rails_helper'
 require 'data_requests/deployed'
 
-describe DataRequests::Deployed::CreateUserReport do
+RSpec.describe DataRequests::Deployed::CreateUserReport do
   it 'returns a report containing information about' do
     user = create(:user)
 
diff --git a/spec/lib/data_requests/deployed/lookup_shared_device_users_spec.rb b/spec/lib/data_requests/deployed/lookup_shared_device_users_spec.rb
index af6ca52084e..6d9016f092c 100644
--- a/spec/lib/data_requests/deployed/lookup_shared_device_users_spec.rb
+++ b/spec/lib/data_requests/deployed/lookup_shared_device_users_spec.rb
@@ -1,7 +1,7 @@
 require 'rails_helper'
 require 'data_requests/deployed'
 
-describe DataRequests::Deployed::LookupSharedDeviceUsers do
+RSpec.describe DataRequests::Deployed::LookupSharedDeviceUsers do
   describe '#call' do
     it 'recursively looks up users sharing devices' do
       user1 = create(:user)
diff --git a/spec/lib/data_requests/deployed/lookup_user_by_uuid_spec.rb b/spec/lib/data_requests/deployed/lookup_user_by_uuid_spec.rb
index 05d7cda51da..02aad97a242 100644
--- a/spec/lib/data_requests/deployed/lookup_user_by_uuid_spec.rb
+++ b/spec/lib/data_requests/deployed/lookup_user_by_uuid_spec.rb
@@ -1,7 +1,7 @@
 require 'rails_helper'
 require 'data_requests/deployed'
 
-describe DataRequests::Deployed::LookupUserByUuid do
+RSpec.describe DataRequests::Deployed::LookupUserByUuid do
   describe '#call' do
     context 'when a user exists with the UUID' do
       it 'returns the user' do
diff --git a/spec/lib/data_requests/local/write_user_events_spec.rb b/spec/lib/data_requests/local/write_user_events_spec.rb
index 808023e9098..3f5c52a650c 100644
--- a/spec/lib/data_requests/local/write_user_events_spec.rb
+++ b/spec/lib/data_requests/local/write_user_events_spec.rb
@@ -1,7 +1,7 @@
 require 'rails_helper'
 require 'data_requests/local'
 
-describe DataRequests::Local::WriteUserEvents do
+RSpec.describe DataRequests::Local::WriteUserEvents do
   let(:requesting_issuer_uuid) { SecureRandom.uuid }
 
   describe '#call' do
diff --git a/spec/lib/data_requests/local/write_user_info_spec.rb b/spec/lib/data_requests/local/write_user_info_spec.rb
index c03e95ed460..6fca619b720 100644
--- a/spec/lib/data_requests/local/write_user_info_spec.rb
+++ b/spec/lib/data_requests/local/write_user_info_spec.rb
@@ -1,7 +1,7 @@
 require 'rails_helper'
 require 'data_requests/local'
 
-describe DataRequests::Local::WriteUserInfo do
+RSpec.describe DataRequests::Local::WriteUserInfo do
   describe '#call' do
     it 'writes a file with user information' do
       user_report = JSON.parse(
diff --git a/spec/lib/deploy/activate_spec.rb b/spec/lib/deploy/activate_spec.rb
index 5040626c424..a857a4670f1 100644
--- a/spec/lib/deploy/activate_spec.rb
+++ b/spec/lib/deploy/activate_spec.rb
@@ -1,7 +1,7 @@
 require 'rails_helper'
 require Rails.root.join('lib', 'deploy', 'activate.rb')
 
-describe Deploy::Activate do
+RSpec.describe Deploy::Activate do
   let(:root) { @root }
 
   around(:each) do |ex|
diff --git a/spec/lib/feature_management_spec.rb b/spec/lib/feature_management_spec.rb
index f01287d1dd0..b5bbd9d92a7 100644
--- a/spec/lib/feature_management_spec.rb
+++ b/spec/lib/feature_management_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'FeatureManagement' do
+RSpec.describe 'FeatureManagement' do
   describe '#prefill_otp_codes?' do
     context 'when SMS sending is disabled' do
       before { allow(FeatureManagement).to receive(:telephony_test_adapter?).and_return(true) }
diff --git a/spec/lib/fingerprinter_spec.rb b/spec/lib/fingerprinter_spec.rb
index 1c5b378230f..3a70519d0e6 100644
--- a/spec/lib/fingerprinter_spec.rb
+++ b/spec/lib/fingerprinter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Fingerprinter do
+RSpec.describe Fingerprinter do
   describe '.fingerprint_cert' do
     context 'ssl_cert is nil' do
       it 'returns nil' do
diff --git a/spec/lib/good_job_connection_pool_size_spec.rb b/spec/lib/good_job_connection_pool_size_spec.rb
index 3aadc909e75..43cf38aa417 100644
--- a/spec/lib/good_job_connection_pool_size_spec.rb
+++ b/spec/lib/good_job_connection_pool_size_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe GoodJobConnectionPoolSize do
+RSpec.describe GoodJobConnectionPoolSize do
   describe '.calculate_worker_pool_size' do
     it 'calculates pool size based and returns an integer' do
       connections = GoodJobConnectionPoolSize.calculate_worker_pool_size(
diff --git a/spec/lib/linters/errors_add_linter_spec.rb b/spec/lib/linters/errors_add_linter_spec.rb
index 4d41a50a65c..3aa87f6d71a 100644
--- a/spec/lib/linters/errors_add_linter_spec.rb
+++ b/spec/lib/linters/errors_add_linter_spec.rb
@@ -2,7 +2,7 @@
 require 'rubocop/rspec/support'
 require_relative '../../../lib/linters/errors_add_linter'
 
-describe RuboCop::Cop::IdentityIdp::ErrorsAddLinter do
+RSpec.describe RuboCop::Cop::IdentityIdp::ErrorsAddLinter do
   include CopHelper
   include RuboCop::RSpec::ExpectOffense
 
diff --git a/spec/lib/linters/image_size_linter_spec.rb b/spec/lib/linters/image_size_linter_spec.rb
index b01bbfd134c..91cf933af4a 100644
--- a/spec/lib/linters/image_size_linter_spec.rb
+++ b/spec/lib/linters/image_size_linter_spec.rb
@@ -2,7 +2,7 @@
 require 'rubocop/rspec/support'
 require_relative '../../../lib/linters/image_size_linter'
 
-describe RuboCop::Cop::IdentityIdp::ImageSizeLinter do
+RSpec.describe RuboCop::Cop::IdentityIdp::ImageSizeLinter do
   include CopHelper
   include RuboCop::RSpec::ExpectOffense
 
diff --git a/spec/lib/linters/localized_validation_message_linter_spec.rb b/spec/lib/linters/localized_validation_message_linter_spec.rb
index 4472ff5dece..be2fe6a0219 100644
--- a/spec/lib/linters/localized_validation_message_linter_spec.rb
+++ b/spec/lib/linters/localized_validation_message_linter_spec.rb
@@ -2,7 +2,7 @@
 require 'rubocop/rspec/support'
 require_relative '../../../lib/linters/localized_validation_message_linter'
 
-describe RuboCop::Cop::IdentityIdp::LocalizedValidationMessageLinter do
+RSpec.describe RuboCop::Cop::IdentityIdp::LocalizedValidationMessageLinter do
   include CopHelper
   include RuboCop::RSpec::ExpectOffense
 
diff --git a/spec/lib/linters/mail_later_linter_spec.rb b/spec/lib/linters/mail_later_linter_spec.rb
index 29e986a9407..7c5f43600b6 100644
--- a/spec/lib/linters/mail_later_linter_spec.rb
+++ b/spec/lib/linters/mail_later_linter_spec.rb
@@ -3,7 +3,7 @@
 require 'rails_helper'
 require_relative '../../../lib/linters/mail_later_linter'
 
-describe RuboCop::Cop::IdentityIdp::MailLaterLinter do
+RSpec.describe RuboCop::Cop::IdentityIdp::MailLaterLinter do
   include CopHelper
   include RuboCop::RSpec::ExpectOffense
 
diff --git a/spec/lib/linters/redirect_back_linter_spec.rb b/spec/lib/linters/redirect_back_linter_spec.rb
index 63bd3ec6827..dd35e484a19 100644
--- a/spec/lib/linters/redirect_back_linter_spec.rb
+++ b/spec/lib/linters/redirect_back_linter_spec.rb
@@ -2,7 +2,7 @@
 require 'rubocop/rspec/support'
 require_relative '../../../lib/linters/redirect_back_linter'
 
-describe RuboCop::Cop::IdentityIdp::RedirectBackLinter do
+RSpec.describe RuboCop::Cop::IdentityIdp::RedirectBackLinter do
   include CopHelper
   include RuboCop::RSpec::ExpectOffense
 
diff --git a/spec/lib/linters/url_options_linter_spec.rb b/spec/lib/linters/url_options_linter_spec.rb
index b7d4980bd19..006f0cb911b 100644
--- a/spec/lib/linters/url_options_linter_spec.rb
+++ b/spec/lib/linters/url_options_linter_spec.rb
@@ -2,7 +2,7 @@
 require 'rubocop/rspec/support'
 require_relative '../../../lib/linters/url_options_linter'
 
-describe RuboCop::Cop::IdentityIdp::UrlOptionsLinter do
+RSpec.describe RuboCop::Cop::IdentityIdp::UrlOptionsLinter do
   include CopHelper
   include RuboCop::RSpec::ExpectOffense
 
diff --git a/spec/lib/pinpoint_supported_countries_spec.rb b/spec/lib/pinpoint_supported_countries_spec.rb
index a190efba028..7f311420b18 100644
--- a/spec/lib/pinpoint_supported_countries_spec.rb
+++ b/spec/lib/pinpoint_supported_countries_spec.rb
@@ -150,11 +150,22 @@
         stub_const('PinpointSupportedCountries::SENDER_ID_COUNTRIES', [])
       end
 
-      it 'is supported' do
+      it 'is not supported' do
         belarus = countries.sms_support.find { |c| c.iso_code == 'BY' }
         expect(belarus.supports_sms).to eq(false)
       end
     end
+
+    context 'when we do not have a sender ID and the country is on our exceptions list' do
+      before do
+        stub_const('PinpointSupportedCountries::SENDER_ID_EXCEPTION_COUNTRIES', %w[BY])
+      end
+
+      it 'is supported' do
+        belarus = countries.sms_support.find { |c| c.iso_code == 'BY' }
+        expect(belarus.supports_sms).to eq(true)
+      end
+    end
   end
 
   describe '#voice_support' do
diff --git a/spec/lib/reporting/command_line_options_spec.rb b/spec/lib/reporting/command_line_options_spec.rb
index 98b53f80150..82f2a055d32 100644
--- a/spec/lib/reporting/command_line_options_spec.rb
+++ b/spec/lib/reporting/command_line_options_spec.rb
@@ -12,8 +12,9 @@
 
     let(:stdout) { StringIO.new }
     let(:argv) { [] }
+    let(:require_issuer) { true }
 
-    subject(:parse!) { instance.parse!(argv, out: stdout) }
+    subject(:parse!) { instance.parse!(argv, out: stdout, require_issuer: require_issuer) }
 
     context 'with no arguments' do
       let(:argv) { [] }
@@ -54,6 +55,33 @@
       end
     end
 
+    context 'missing --issuer' do
+      let(:argv) { %w[--date 2023-1-1] }
+
+      it 'prints help and exits uncleanly' do
+        expect(instance).to receive(:exit).and_return(1)
+
+        parse!
+
+        expect(stdout.string).to include('Usage:')
+      end
+
+      context 'with require_issuer: false' do
+        let(:require_issuer) { false }
+
+        it 'returns the parsed options' do
+          expect(parse!).to match(
+            time_range: Date.new(2023, 1, 1).in_time_zone('UTC').all_day,
+            issuer: nil,
+            verbose: false,
+            progress: true,
+            slice: 3.hours,
+            threads: 5,
+          )
+        end
+      end
+    end
+
     context 'with --week and --issuer' do
       let(:argv) { %W[--week 2023-1-1 --issuer #{issuer}] }
 
diff --git a/spec/lib/reporting/monthly_proofing_report_spec.rb b/spec/lib/reporting/monthly_proofing_report_spec.rb
new file mode 100644
index 00000000000..5e00fee39af
--- /dev/null
+++ b/spec/lib/reporting/monthly_proofing_report_spec.rb
@@ -0,0 +1,72 @@
+require 'rails_helper'
+require 'reporting/monthly_proofing_report'
+
+RSpec.describe Reporting::MonthlyProofingReport do
+  let(:time_range) { Date.new(2022, 1, 1).all_month }
+
+  subject(:report) { Reporting::MonthlyProofingReport.new(time_range:) }
+
+  before do
+    cloudwatch_client = double(
+      'Reporting::CloudwatchClient',
+      fetch: [
+        # Success
+        { 'user_id' => 'user1', 'name' => 'IdV: doc auth image upload vendor submitted' },
+        { 'user_id' => 'user1', 'name' => 'IdV: final resolution' },
+
+        # Letter requested user
+        { 'user_id' => 'user2', 'name' => 'IdV: doc auth image upload vendor submitted' },
+        { 'user_id' => 'user2', 'name' => 'IdV: USPS address letter requested' },
+
+        # Fraud review user
+        { 'user_id' => 'user3', 'name' => 'IdV: doc auth image upload vendor submitted' },
+        { 'user_id' => 'user3', 'name' => 'IdV: Verify please call visited' },
+
+        # In-person user
+        { 'user_id' => 'user4', 'name' => 'IdV: doc auth image upload vendor submitted' },
+        { 'user_id' => 'user4', 'name' => 'USPS IPPaaS enrollment created' },
+
+        # Incomplete user
+        { 'user_id' => 'user5', 'name' => 'IdV: doc auth image upload vendor submitted' },
+      ],
+    )
+
+    allow(report).to receive(:cloudwatch_client).and_return(cloudwatch_client)
+  end
+
+  describe '#to_csv' do
+    it 'generates a csv' do
+      csv = CSV.parse(report.to_csv, headers: false)
+
+      expected_csv = [
+        ['report_start', time_range.begin.iso8601],
+        ['report_end', time_range.end.iso8601],
+        ['report_generated', Date.today.to_s], # rubocop:disable Rails/Date
+        ['metric', 'num_users', 'percent'],
+        ['image_submitted', 5, 5.0 / 5],
+        ['verified', 1, 1.0 / 5],
+        ['not_verified_started_gpo', 1, 1.0 / 5],
+        ['not_verified_started_in_person', 1, 1.0 / 5],
+        ['not_verified_started_fraud_review', 1, 1.0 / 5],
+      ]
+
+      aggregate_failures do
+        csv.map(&:to_a).zip(expected_csv).each do |actual, expected|
+          expect(actual).to eq(expected.map(&:to_s))
+        end
+      end
+    end
+  end
+
+  describe '#data' do
+    it 'keeps unique users per event as a hash' do
+      expect(report.data).to eq(
+        'IdV: doc auth image upload vendor submitted' => %w[user1 user2 user3 user4 user5].to_set,
+        'IdV: final resolution' => %w[user1].to_set,
+        'IdV: USPS address letter requested' => %w[user2].to_set,
+        'IdV: Verify please call visited' => %w[user3].to_set,
+        'USPS IPPaaS enrollment created' => %w[user4].to_set,
+      )
+    end
+  end
+end
diff --git a/spec/lib/tasks/dev_rake_spec.rb b/spec/lib/tasks/dev_rake_spec.rb
index 96b3eb42800..38ba41e6bd3 100644
--- a/spec/lib/tasks/dev_rake_spec.rb
+++ b/spec/lib/tasks/dev_rake_spec.rb
@@ -1,7 +1,7 @@
 require 'rails_helper'
 require 'rake'
 
-describe 'dev rake tasks' do
+RSpec.describe 'dev rake tasks' do
   include UspsIppHelper
 
   let(:env) do
diff --git a/spec/lib/tasks/partners_rake_spec.rb b/spec/lib/tasks/partners_rake_spec.rb
index 8c49b4e2fa6..972901cfe87 100644
--- a/spec/lib/tasks/partners_rake_spec.rb
+++ b/spec/lib/tasks/partners_rake_spec.rb
@@ -1,7 +1,7 @@
 require 'rails_helper'
 require 'rake'
 
-describe 'partners rake tasks' do
+RSpec.describe 'partners rake tasks' do
   before do
     Rake.application.rake_require 'tasks/partners'
     Rake::Task.define_task(:environment)
diff --git a/spec/lib/tasks/review_profile_spec.rb b/spec/lib/tasks/review_profile_spec.rb
index 00b1220ceb1..4f8a9ec9933 100644
--- a/spec/lib/tasks/review_profile_spec.rb
+++ b/spec/lib/tasks/review_profile_spec.rb
@@ -1,7 +1,7 @@
 require 'rails_helper'
 require 'rake'
 
-describe 'review_profile' do
+RSpec.describe 'review_profile' do
   let(:user) { create(:user, :fraud_review_pending) }
   let(:uuid) { user.uuid }
   let(:task_name) { nil }
diff --git a/spec/lib/tasks/rotate_rake_spec.rb b/spec/lib/tasks/rotate_rake_spec.rb
index 1933549964b..895e0501d87 100644
--- a/spec/lib/tasks/rotate_rake_spec.rb
+++ b/spec/lib/tasks/rotate_rake_spec.rb
@@ -1,7 +1,7 @@
 require 'rails_helper'
 require 'rake'
 
-describe 'rotate' do
+RSpec.describe 'rotate' do
   let(:user) { create(:user, :with_phone, with: { phone: '703-555-5555' }) }
   before do
     Rake.application.rake_require('lib/tasks/rotate', [Rails.root.to_s])
diff --git a/spec/lib/telephony/pinpoint/aws_credential_builder_spec.rb b/spec/lib/telephony/pinpoint/aws_credential_builder_spec.rb
index a5448aadf70..77972f5fd25 100644
--- a/spec/lib/telephony/pinpoint/aws_credential_builder_spec.rb
+++ b/spec/lib/telephony/pinpoint/aws_credential_builder_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Telephony::Pinpoint::AwsCredentialBuilder do
+RSpec.describe Telephony::Pinpoint::AwsCredentialBuilder do
   include_context 'telephony'
 
   subject(:credential_builder) { described_class.new(config) }
diff --git a/spec/lib/telephony/pinpoint/sms_sender_spec.rb b/spec/lib/telephony/pinpoint/sms_sender_spec.rb
index b55f7c23820..8969b46a38d 100644
--- a/spec/lib/telephony/pinpoint/sms_sender_spec.rb
+++ b/spec/lib/telephony/pinpoint/sms_sender_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Telephony::Pinpoint::SmsSender do
+RSpec.describe Telephony::Pinpoint::SmsSender do
   include_context 'telephony'
 
   subject(:sms_sender) { described_class.new }
diff --git a/spec/lib/telephony/pinpoint/voice_sender_spec.rb b/spec/lib/telephony/pinpoint/voice_sender_spec.rb
index 8902b50c9ab..066d46b15a5 100644
--- a/spec/lib/telephony/pinpoint/voice_sender_spec.rb
+++ b/spec/lib/telephony/pinpoint/voice_sender_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Telephony::Pinpoint::VoiceSender do
+RSpec.describe Telephony::Pinpoint::VoiceSender do
   include_context 'telephony'
 
   subject(:voice_sender) { described_class.new }
diff --git a/spec/lib/telephony/response_spec.rb b/spec/lib/telephony/response_spec.rb
index 4c3c350dbba..e6afd1625a2 100644
--- a/spec/lib/telephony/response_spec.rb
+++ b/spec/lib/telephony/response_spec.rb
@@ -1,4 +1,4 @@
-describe Telephony::Response do
+RSpec.describe Telephony::Response do
   context 'for a successful response' do
     subject { described_class.new(success: true, extra: { test: '1234' }) }
 
diff --git a/spec/lib/telephony/test/call_spec.rb b/spec/lib/telephony/test/call_spec.rb
index fa7b9d147bd..7b056fed697 100644
--- a/spec/lib/telephony/test/call_spec.rb
+++ b/spec/lib/telephony/test/call_spec.rb
@@ -1,4 +1,4 @@
-describe Telephony::Test::Call do
+RSpec.describe Telephony::Test::Call do
   let(:body) { 'The code is 1, 2, 3, 4, 5, 6' }
   let(:otp) { '123456' }
 
diff --git a/spec/lib/telephony/test/message_spec.rb b/spec/lib/telephony/test/message_spec.rb
index bac29ace84a..bf65be5a01b 100644
--- a/spec/lib/telephony/test/message_spec.rb
+++ b/spec/lib/telephony/test/message_spec.rb
@@ -1,4 +1,4 @@
-describe Telephony::Test::Message do
+RSpec.describe Telephony::Test::Message do
   let(:body) { 'The code is 123456' }
   let(:otp) { '123456' }
 
diff --git a/spec/lib/telephony/test/sms_sender_spec.rb b/spec/lib/telephony/test/sms_sender_spec.rb
index b13607d1f1d..9fd823ee5d3 100644
--- a/spec/lib/telephony/test/sms_sender_spec.rb
+++ b/spec/lib/telephony/test/sms_sender_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Telephony::Test::SmsSender do
+RSpec.describe Telephony::Test::SmsSender do
   include_context 'telephony'
 
   before do
diff --git a/spec/lib/telephony/test/voice_sender_spec.rb b/spec/lib/telephony/test/voice_sender_spec.rb
index 43af066a1e2..9a911aaabfa 100644
--- a/spec/lib/telephony/test/voice_sender_spec.rb
+++ b/spec/lib/telephony/test/voice_sender_spec.rb
@@ -1,4 +1,4 @@
-describe Telephony::Test::VoiceSender do
+RSpec.describe Telephony::Test::VoiceSender do
   before do
     Telephony::Test::Call.clear_calls
   end
diff --git a/spec/mailers/previews/report_mailer_preview.rb b/spec/mailers/previews/report_mailer_preview.rb
new file mode 100644
index 00000000000..f3c71460244
--- /dev/null
+++ b/spec/mailers/previews/report_mailer_preview.rb
@@ -0,0 +1,10 @@
+class ReportMailerPreview < ActionMailer::Preview
+  def warn_error
+    ReportMailer.warn_error(
+      email: 'test@example.com',
+      error: ServiceProviderSeeder::ExtraServiceProviderError.new(
+        'Extra service providers found in DB: a, b, c',
+      ),
+    )
+  end
+end
diff --git a/spec/mailers/previews/report_mailer_preview_spec.rb b/spec/mailers/previews/report_mailer_preview_spec.rb
new file mode 100644
index 00000000000..fb1fc38697f
--- /dev/null
+++ b/spec/mailers/previews/report_mailer_preview_spec.rb
@@ -0,0 +1,12 @@
+require 'rails_helper'
+require_relative './report_mailer_preview'
+
+RSpec.describe ReportMailerPreview do
+  subject(:mailer_preview) { ReportMailerPreview.new }
+
+  describe '#warn_error' do
+    it 'generates a warn_error email' do
+      expect { mailer_preview.warn_error }.to_not raise_error
+    end
+  end
+end
diff --git a/spec/mailers/report_mailer_spec.rb b/spec/mailers/report_mailer_spec.rb
index d712bf3737f..9a7f076c638 100644
--- a/spec/mailers/report_mailer_spec.rb
+++ b/spec/mailers/report_mailer_spec.rb
@@ -1,10 +1,10 @@
 require 'rails_helper'
 
-describe ReportMailer, type: :mailer do
+RSpec.describe ReportMailer, type: :mailer do
   let(:user) { build(:user) }
   let(:email_address) { user.email_addresses.first }
 
-  describe 'deleted_user_accounts_report' do
+  describe '#deleted_user_accounts_report' do
     let(:mail) do
       ReportMailer.deleted_user_accounts_report(
         email: email_address.email,
@@ -30,4 +30,26 @@
       expect(mail.html_part.body).to have_content('issuer2')
     end
   end
+
+  describe '#warn_error' do
+    let(:error) { RuntimeError.new('this is my test message') }
+    let(:env) { ActiveSupport::StringInquirer.new('prod') }
+
+    let(:mail) do
+      ReportMailer.warn_error(
+        email: 'test@example.com',
+        error: error,
+        env: env,
+      )
+    end
+
+    it 'puts the rails env and error in a plaintext email', aggregate_failures: true do
+      expect(mail.html_part).to be_nil
+
+      expect(mail.subject).to include('prod')
+      expect(mail.subject).to include('RuntimeError')
+
+      expect(mail.text_part.body).to include('this is my test')
+    end
+  end
 end
diff --git a/spec/mailers/user_mailer_spec.rb b/spec/mailers/user_mailer_spec.rb
index 08c7479bcb1..847e272b65a 100644
--- a/spec/mailers/user_mailer_spec.rb
+++ b/spec/mailers/user_mailer_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe UserMailer, type: :mailer do
+RSpec.describe UserMailer, type: :mailer do
   let(:user) { build(:user) }
   let(:email_address) { user.email_addresses.first }
   let(:banned_email) { 'banned_email+123abc@gmail.com' }
diff --git a/spec/models/account_reset_request_spec.rb b/spec/models/account_reset_request_spec.rb
index 1e1f9bee061..ed9baa21881 100644
--- a/spec/models/account_reset_request_spec.rb
+++ b/spec/models/account_reset_request_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe AccountResetRequest do
+RSpec.describe AccountResetRequest do
   it { is_expected.to belong_to(:user) }
 
   let(:subject) { AccountResetRequest.new }
diff --git a/spec/models/agency_identity_spec.rb b/spec/models/agency_identity_spec.rb
index 36f0974cf49..93135cc4a91 100644
--- a/spec/models/agency_identity_spec.rb
+++ b/spec/models/agency_identity_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe AgencyIdentity do
+RSpec.describe AgencyIdentity do
   it { is_expected.to belong_to(:user) }
   it { is_expected.to belong_to(:agency) }
 
diff --git a/spec/models/agency_spec.rb b/spec/models/agency_spec.rb
index 9e4ba4cef3a..ec64c1691b0 100644
--- a/spec/models/agency_spec.rb
+++ b/spec/models/agency_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Agency do
+RSpec.describe Agency do
   describe 'Associations' do
     it { is_expected.to have_many(:agency_identities).dependent(:destroy) }
     it { is_expected.to have_many(:service_providers).inverse_of(:agency) }
diff --git a/spec/models/anonymous_user_spec.rb b/spec/models/anonymous_user_spec.rb
index 3dd4bff1624..2cc90949748 100644
--- a/spec/models/anonymous_user_spec.rb
+++ b/spec/models/anonymous_user_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe AnonymousUser do
+RSpec.describe AnonymousUser do
   describe 'Methods' do
     it { is_expected.to respond_to(:phone_configurations) }
     it { is_expected.to respond_to(:uuid) }
diff --git a/spec/models/device_spec.rb b/spec/models/device_spec.rb
index 43abbdcc802..b73a1843733 100644
--- a/spec/models/device_spec.rb
+++ b/spec/models/device_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Device do
+RSpec.describe Device do
   it { is_expected.to belong_to(:user) }
 
   describe 'validations' do
diff --git a/spec/models/document_capture_session_spec.rb b/spec/models/document_capture_session_spec.rb
index fec5f422ab4..fdb50150e60 100644
--- a/spec/models/document_capture_session_spec.rb
+++ b/spec/models/document_capture_session_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe DocumentCaptureSession do
+RSpec.describe DocumentCaptureSession do
   let(:doc_auth_response) do
     DocAuth::Response.new(
       success: true,
diff --git a/spec/models/email_address_spec.rb b/spec/models/email_address_spec.rb
index e686f598815..cfbdf0e9f04 100644
--- a/spec/models/email_address_spec.rb
+++ b/spec/models/email_address_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe EmailAddress do
+RSpec.describe EmailAddress do
   describe 'Associations' do
     it { is_expected.to belong_to(:user) }
     it { is_expected.to validate_presence_of(:encrypted_email) }
diff --git a/spec/models/event_spec.rb b/spec/models/event_spec.rb
index 8096d825a83..c15d89a9097 100644
--- a/spec/models/event_spec.rb
+++ b/spec/models/event_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Event do
+RSpec.describe Event do
   it { is_expected.to belong_to(:user) }
 
   describe 'validations' do
diff --git a/spec/models/null_identity_spec.rb b/spec/models/null_identity_spec.rb
index 139b3fa8473..ef062edea43 100644
--- a/spec/models/null_identity_spec.rb
+++ b/spec/models/null_identity_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe NullIdentity do
+RSpec.describe NullIdentity do
   describe '#service_provider' do
     it 'uses constant' do
       expect(subject.service_provider).to eq NullIdentity::SERVICE_PROVIDER
diff --git a/spec/models/phone_configuration_spec.rb b/spec/models/phone_configuration_spec.rb
index acc31cb189e..e3948d105bd 100644
--- a/spec/models/phone_configuration_spec.rb
+++ b/spec/models/phone_configuration_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe PhoneConfiguration do
+RSpec.describe PhoneConfiguration do
   describe 'Associations' do
     it { is_expected.to belong_to(:user) }
     it { is_expected.to validate_presence_of(:encrypted_phone) }
diff --git a/spec/models/profile_spec.rb b/spec/models/profile_spec.rb
index 7d87abdaa2d..ebdabcb7c79 100644
--- a/spec/models/profile_spec.rb
+++ b/spec/models/profile_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Profile do
+RSpec.describe Profile do
   let(:user) { create(:user, :fully_registered, password: 'a really long sekrit') }
   let(:another_user) { create(:user, :fully_registered) }
   let(:profile) { user.profiles.create }
@@ -379,6 +379,22 @@
     end
   end
 
+  describe '#activate_after_passing_in_person' do
+    it 'activates a profile if it passes in person proofing' do
+      profile = user.profiles.create
+      profile.active = false
+      profile.fraud_review_pending_at = 1.day.ago
+      profile.deactivation_reason = :in_person_verification_pending
+
+      profile.activate_after_passing_in_person
+
+      expect(profile.fraud_review_pending_at).to be_nil
+      expect(profile.activated_at).not_to be_nil
+      expect(profile.deactivation_reason).to be_nil
+      expect(profile).to be_active
+    end
+  end
+
   describe '#activate_after_passing_review' do
     it 'activates a profile if it passes fraud review' do
       profile = create(
diff --git a/spec/models/service_provider_spec.rb b/spec/models/service_provider_spec.rb
index 76221f94744..481c9645127 100644
--- a/spec/models/service_provider_spec.rb
+++ b/spec/models/service_provider_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe ServiceProvider do
+RSpec.describe ServiceProvider do
   let(:service_provider) { ServiceProvider.find_by(issuer: 'http://localhost:3000') }
 
   describe 'associations' do
diff --git a/spec/models/webauthn_configuration_spec.rb b/spec/models/webauthn_configuration_spec.rb
index ab50dd534eb..9d9431dd62b 100644
--- a/spec/models/webauthn_configuration_spec.rb
+++ b/spec/models/webauthn_configuration_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe WebauthnConfiguration do
+RSpec.describe WebauthnConfiguration do
   describe 'Associations' do
     it { is_expected.to belong_to(:user) }
     it { is_expected.to validate_presence_of(:name) }
diff --git a/spec/policies/backup_code_policy_spec.rb b/spec/policies/backup_code_policy_spec.rb
index c1015eb7a3f..99bb7e0f377 100644
--- a/spec/policies/backup_code_policy_spec.rb
+++ b/spec/policies/backup_code_policy_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe TwoFactorAuthentication::BackupCodePolicy do
+RSpec.describe TwoFactorAuthentication::BackupCodePolicy do
   let(:user) { User.new }
   let(:policy) { described_class.new(user) }
 
diff --git a/spec/policies/service_provider_mfa_policy_spec.rb b/spec/policies/service_provider_mfa_policy_spec.rb
index b33495c875f..f16cc9ab66e 100644
--- a/spec/policies/service_provider_mfa_policy_spec.rb
+++ b/spec/policies/service_provider_mfa_policy_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe ServiceProviderMfaPolicy do
+RSpec.describe ServiceProviderMfaPolicy do
   let(:user) { create(:user) }
   let(:service_provider) { create(:service_provider) }
   let(:auth_method) { TwoFactorAuthenticatable::AuthMethod::SMS }
diff --git a/spec/policies/two_factor_authentication/piv_cac_policy_spec.rb b/spec/policies/two_factor_authentication/piv_cac_policy_spec.rb
index 81c21280e13..250c680014f 100644
--- a/spec/policies/two_factor_authentication/piv_cac_policy_spec.rb
+++ b/spec/policies/two_factor_authentication/piv_cac_policy_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe TwoFactorAuthentication::PivCacPolicy do
+RSpec.describe TwoFactorAuthentication::PivCacPolicy do
   let(:subject) { described_class.new(user) }
 
   describe '#configured?' do
diff --git a/spec/policies/user_mfa_policy_spec.rb b/spec/policies/user_mfa_policy_spec.rb
index fff48b21825..ce4951a52da 100644
--- a/spec/policies/user_mfa_policy_spec.rb
+++ b/spec/policies/user_mfa_policy_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe MfaPolicy do
+RSpec.describe MfaPolicy do
   let(:subject) { described_class.new(user) }
 
   context 'no mfa configurations' do
diff --git a/spec/policies/webauthn_login_option_policy_spec.rb b/spec/policies/webauthn_login_option_policy_spec.rb
index b709b40c113..2f12beb48d3 100644
--- a/spec/policies/webauthn_login_option_policy_spec.rb
+++ b/spec/policies/webauthn_login_option_policy_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe TwoFactorAuthentication::WebauthnPolicy do
+RSpec.describe TwoFactorAuthentication::WebauthnPolicy do
   include WebAuthnHelper
 
   let(:subject) { described_class.new(user) }
diff --git a/spec/presenters/account_reset/pending_presenter_spec.rb b/spec/presenters/account_reset/pending_presenter_spec.rb
index 779783468d4..b4bb776a0aa 100644
--- a/spec/presenters/account_reset/pending_presenter_spec.rb
+++ b/spec/presenters/account_reset/pending_presenter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe AccountReset::PendingPresenter do
+RSpec.describe AccountReset::PendingPresenter do
   let(:user) { create(:user) }
   let(:requested_at) { 22.hours.ago }
   let(:account_reset_request) do
diff --git a/spec/presenters/account_show_presenter_spec.rb b/spec/presenters/account_show_presenter_spec.rb
index 47a8bd28fad..bd083feccbc 100644
--- a/spec/presenters/account_show_presenter_spec.rb
+++ b/spec/presenters/account_show_presenter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe AccountShowPresenter do
+RSpec.describe AccountShowPresenter do
   describe '#header_personalization' do
     context 'AccountShowPresenter instance has decrypted_pii' do
       it "returns the user's first name" do
diff --git a/spec/presenters/cancellation_presenter_spec.rb b/spec/presenters/cancellation_presenter_spec.rb
index 3200f402a01..95ff5a0fa39 100644
--- a/spec/presenters/cancellation_presenter_spec.rb
+++ b/spec/presenters/cancellation_presenter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe CancellationPresenter do
+RSpec.describe CancellationPresenter do
   let(:good_url) { 'http://example.com/asdf/qwerty' }
   let(:good_url_with_path) { 'http://example.com/asdf?qwerty=123' }
   let(:bad_url) { 'http://evil.com/asdf/qwerty' }
diff --git a/spec/presenters/completions_presenter_spec.rb b/spec/presenters/completions_presenter_spec.rb
index ef4d1079844..cf5c9f557e7 100644
--- a/spec/presenters/completions_presenter_spec.rb
+++ b/spec/presenters/completions_presenter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe CompletionsPresenter do
+RSpec.describe CompletionsPresenter do
   let(:identities) do
     [
       build(
diff --git a/spec/presenters/confirm_delete_email_presenter_spec.rb b/spec/presenters/confirm_delete_email_presenter_spec.rb
index ce382c6912b..cc225532c01 100644
--- a/spec/presenters/confirm_delete_email_presenter_spec.rb
+++ b/spec/presenters/confirm_delete_email_presenter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe ConfirmDeleteEmailPresenter do
+RSpec.describe ConfirmDeleteEmailPresenter do
   let(:user) { create(:user, :fully_registered, email: 'email@example.com') }
   let(:email_address) { user.email_addresses.first }
   let(:presenter) { described_class.new(user, email_address) }
diff --git a/spec/presenters/eastern_time_presenter_spec.rb b/spec/presenters/eastern_time_presenter_spec.rb
index 473143f3db3..56f107e0261 100644
--- a/spec/presenters/eastern_time_presenter_spec.rb
+++ b/spec/presenters/eastern_time_presenter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe EasternTimePresenter do
+RSpec.describe EasternTimePresenter do
   describe '#to_s' do
     it 'returns the formatted timestamp in a string' do
       str = '2017-04-12 18:19:18 UTC'
diff --git a/spec/presenters/image_upload_response_presenter_spec.rb b/spec/presenters/image_upload_response_presenter_spec.rb
index 760f052d253..266a5333bcd 100644
--- a/spec/presenters/image_upload_response_presenter_spec.rb
+++ b/spec/presenters/image_upload_response_presenter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe ImageUploadResponsePresenter do
+RSpec.describe ImageUploadResponsePresenter do
   include Rails.application.routes.url_helpers
 
   let(:form_response) do
diff --git a/spec/presenters/max_attempts_reached_presenter_spec.rb b/spec/presenters/max_attempts_reached_presenter_spec.rb
index ab95a10c046..d0ff137b40d 100644
--- a/spec/presenters/max_attempts_reached_presenter_spec.rb
+++ b/spec/presenters/max_attempts_reached_presenter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe TwoFactorAuthCode::MaxAttemptsReachedPresenter do
+RSpec.describe TwoFactorAuthCode::MaxAttemptsReachedPresenter do
   let(:type) { 'otp_requests' }
   let(:user) { instance_double(User) }
   let(:presenter) { described_class.new(type, user) }
diff --git a/spec/presenters/mfa_confirmation_presenter_spec.rb b/spec/presenters/mfa_confirmation_presenter_spec.rb
index 77d94ee2036..89649c880f6 100644
--- a/spec/presenters/mfa_confirmation_presenter_spec.rb
+++ b/spec/presenters/mfa_confirmation_presenter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe MfaConfirmationPresenter do
+RSpec.describe MfaConfirmationPresenter do
   let(:user) { create(:user, :with_phone) }
   let(:presenter) { described_class.new(user) }
 
diff --git a/spec/presenters/piv_cac_authentication_setup_presenter_spec.rb b/spec/presenters/piv_cac_authentication_setup_presenter_spec.rb
index e13f917a968..69d0e04d7cd 100644
--- a/spec/presenters/piv_cac_authentication_setup_presenter_spec.rb
+++ b/spec/presenters/piv_cac_authentication_setup_presenter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe PivCacAuthenticationSetupPresenter do
+RSpec.describe PivCacAuthenticationSetupPresenter do
   let(:user) { create(:user) }
   let(:presenter) { described_class.new(user, false, form) }
   let(:form) do
diff --git a/spec/presenters/piv_cac_error_presenter_spec.rb b/spec/presenters/piv_cac_error_presenter_spec.rb
index eeb7aec4259..504d44e2076 100644
--- a/spec/presenters/piv_cac_error_presenter_spec.rb
+++ b/spec/presenters/piv_cac_error_presenter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe PivCacErrorPresenter do
+RSpec.describe PivCacErrorPresenter do
   let(:view) { double(:view, link_to: '') }
   let(:presenter) { described_class.new(error: error, view: view, try_again_url: '') }
   let(:error) { 'certificate.none' }
diff --git a/spec/presenters/saml_request_presenter_spec.rb b/spec/presenters/saml_request_presenter_spec.rb
index 58e8f858ce2..3517308d1fa 100644
--- a/spec/presenters/saml_request_presenter_spec.rb
+++ b/spec/presenters/saml_request_presenter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe SamlRequestPresenter do
+RSpec.describe SamlRequestPresenter do
   describe '#requested_attributes' do
     context 'IAL1 and bundle contains invalid attributes and IAL2 attributes' do
       it 'only returns :email' do
diff --git a/spec/presenters/session_timeout_modal_presenter_spec.rb b/spec/presenters/session_timeout_modal_presenter_spec.rb
index 0025600fc1a..e7d025f8e63 100644
--- a/spec/presenters/session_timeout_modal_presenter_spec.rb
+++ b/spec/presenters/session_timeout_modal_presenter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe SessionTimeoutModalPresenter do
+RSpec.describe SessionTimeoutModalPresenter do
   let(:user_fully_authenticated) { nil }
 
   subject(:presenter) { described_class.new(user_fully_authenticated:) }
diff --git a/spec/presenters/setup_presenter_spec.rb b/spec/presenters/setup_presenter_spec.rb
index 68ee97779b5..1d4eeb70faf 100644
--- a/spec/presenters/setup_presenter_spec.rb
+++ b/spec/presenters/setup_presenter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe SetupPresenter do
+RSpec.describe SetupPresenter do
   let(:user) { create(:user) }
   let(:presenter) do
     described_class.new(
diff --git a/spec/presenters/two_factor_auth_code/authenticator_delivery_presenter_spec.rb b/spec/presenters/two_factor_auth_code/authenticator_delivery_presenter_spec.rb
index 6d93388fbda..8a6420590e2 100644
--- a/spec/presenters/two_factor_auth_code/authenticator_delivery_presenter_spec.rb
+++ b/spec/presenters/two_factor_auth_code/authenticator_delivery_presenter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe TwoFactorAuthCode::AuthenticatorDeliveryPresenter do
+RSpec.describe TwoFactorAuthCode::AuthenticatorDeliveryPresenter do
   let(:view) { ActionController::Base.new.view_context }
   let(:presenter) do
     TwoFactorAuthCode::AuthenticatorDeliveryPresenter.
diff --git a/spec/presenters/two_factor_auth_code/backup_code_presenter_spec.rb b/spec/presenters/two_factor_auth_code/backup_code_presenter_spec.rb
index edd7edd6a70..8e0d0747460 100644
--- a/spec/presenters/two_factor_auth_code/backup_code_presenter_spec.rb
+++ b/spec/presenters/two_factor_auth_code/backup_code_presenter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe TwoFactorAuthCode::BackupCodePresenter do
+RSpec.describe TwoFactorAuthCode::BackupCodePresenter do
   include Rails.application.routes.url_helpers
 
   let(:presenter) do
diff --git a/spec/presenters/two_factor_auth_code/generic_delivery_presenter_spec.rb b/spec/presenters/two_factor_auth_code/generic_delivery_presenter_spec.rb
index 1c41ee35053..b27b8af628c 100644
--- a/spec/presenters/two_factor_auth_code/generic_delivery_presenter_spec.rb
+++ b/spec/presenters/two_factor_auth_code/generic_delivery_presenter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe TwoFactorAuthCode::GenericDeliveryPresenter do
+RSpec.describe TwoFactorAuthCode::GenericDeliveryPresenter do
   include Rails.application.routes.url_helpers
 
   it 'is an abstract presenter with methods that should be implemented' do
diff --git a/spec/presenters/two_factor_auth_code/personal_key_presenter_spec.rb b/spec/presenters/two_factor_auth_code/personal_key_presenter_spec.rb
index 8e67e556238..11435b98c46 100644
--- a/spec/presenters/two_factor_auth_code/personal_key_presenter_spec.rb
+++ b/spec/presenters/two_factor_auth_code/personal_key_presenter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe TwoFactorAuthCode::PersonalKeyPresenter do
+RSpec.describe TwoFactorAuthCode::PersonalKeyPresenter do
   include Rails.application.routes.url_helpers
 
   let(:presenter) do
diff --git a/spec/presenters/two_factor_auth_code/phone_delivery_presenter_spec.rb b/spec/presenters/two_factor_auth_code/phone_delivery_presenter_spec.rb
index 1da1ffab4f9..03141df67c1 100644
--- a/spec/presenters/two_factor_auth_code/phone_delivery_presenter_spec.rb
+++ b/spec/presenters/two_factor_auth_code/phone_delivery_presenter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe TwoFactorAuthCode::PhoneDeliveryPresenter do
+RSpec.describe TwoFactorAuthCode::PhoneDeliveryPresenter do
   include Rails.application.routes.url_helpers
   include ActionView::Helpers::UrlHelper
 
diff --git a/spec/presenters/two_factor_auth_code/piv_cac_authentication_presenter_spec.rb b/spec/presenters/two_factor_auth_code/piv_cac_authentication_presenter_spec.rb
index dc837606e43..5f449950139 100644
--- a/spec/presenters/two_factor_auth_code/piv_cac_authentication_presenter_spec.rb
+++ b/spec/presenters/two_factor_auth_code/piv_cac_authentication_presenter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe TwoFactorAuthCode::PivCacAuthenticationPresenter do
+RSpec.describe TwoFactorAuthCode::PivCacAuthenticationPresenter do
   include Rails.application.routes.url_helpers
   include ActionView::Helpers::TagHelper
 
diff --git a/spec/presenters/two_factor_auth_code/webauthn_authentication_presenter_spec.rb b/spec/presenters/two_factor_auth_code/webauthn_authentication_presenter_spec.rb
index 70a4bf3f74a..cba2c3decac 100644
--- a/spec/presenters/two_factor_auth_code/webauthn_authentication_presenter_spec.rb
+++ b/spec/presenters/two_factor_auth_code/webauthn_authentication_presenter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe TwoFactorAuthCode::WebauthnAuthenticationPresenter do
+RSpec.describe TwoFactorAuthCode::WebauthnAuthenticationPresenter do
   include Rails.application.routes.url_helpers
 
   let(:view) { ActionController::Base.new.view_context }
diff --git a/spec/presenters/two_factor_authentication/auth_app_selection_presenter_spec.rb b/spec/presenters/two_factor_authentication/auth_app_selection_presenter_spec.rb
index 699245541a1..58695461877 100644
--- a/spec/presenters/two_factor_authentication/auth_app_selection_presenter_spec.rb
+++ b/spec/presenters/two_factor_authentication/auth_app_selection_presenter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe TwoFactorAuthentication::AuthAppSelectionPresenter do
+RSpec.describe TwoFactorAuthentication::AuthAppSelectionPresenter do
   let(:configuration) {}
   let(:user_without_mfa) { create(:user) }
   let(:user_with_mfa) { create(:user, :with_authentication_app) }
diff --git a/spec/presenters/two_factor_authentication/personal_key_selection_presenter_spec.rb b/spec/presenters/two_factor_authentication/personal_key_selection_presenter_spec.rb
index b892020ca88..2155bc77432 100644
--- a/spec/presenters/two_factor_authentication/personal_key_selection_presenter_spec.rb
+++ b/spec/presenters/two_factor_authentication/personal_key_selection_presenter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe TwoFactorAuthentication::PersonalKeySelectionPresenter do
+RSpec.describe TwoFactorAuthentication::PersonalKeySelectionPresenter do
   let(:subject) { described_class.new(configuration: configuration) }
   let(:configuration) {}
 
diff --git a/spec/presenters/two_factor_authentication/piv_cac_selection_presenter_spec.rb b/spec/presenters/two_factor_authentication/piv_cac_selection_presenter_spec.rb
index 71016917eb5..2ea70c4df42 100644
--- a/spec/presenters/two_factor_authentication/piv_cac_selection_presenter_spec.rb
+++ b/spec/presenters/two_factor_authentication/piv_cac_selection_presenter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe TwoFactorAuthentication::PivCacSelectionPresenter do
+RSpec.describe TwoFactorAuthentication::PivCacSelectionPresenter do
   let(:user_without_mfa) { create(:user) }
   let(:user_with_mfa) { create(:user, :with_piv_or_cac) }
   let(:configuration) {}
diff --git a/spec/presenters/two_factor_authentication/sms_selection_presenter_spec.rb b/spec/presenters/two_factor_authentication/sms_selection_presenter_spec.rb
index 4a9e3ff8b23..74c15f33922 100644
--- a/spec/presenters/two_factor_authentication/sms_selection_presenter_spec.rb
+++ b/spec/presenters/two_factor_authentication/sms_selection_presenter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe TwoFactorAuthentication::SmsSelectionPresenter do
+RSpec.describe TwoFactorAuthentication::SmsSelectionPresenter do
   let(:subject) { described_class.new(configuration: phone) }
 
   describe '#type' do
diff --git a/spec/presenters/two_factor_authentication/voice_selection_presenter_spec.rb b/spec/presenters/two_factor_authentication/voice_selection_presenter_spec.rb
index 8d6b715585b..91a0ce64611 100644
--- a/spec/presenters/two_factor_authentication/voice_selection_presenter_spec.rb
+++ b/spec/presenters/two_factor_authentication/voice_selection_presenter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe TwoFactorAuthentication::VoiceSelectionPresenter do
+RSpec.describe TwoFactorAuthentication::VoiceSelectionPresenter do
   let(:subject) { described_class.new(configuration: phone) }
 
   describe '#type' do
diff --git a/spec/presenters/two_factor_authentication/webauthn_platform_selection_presenter_spec.rb b/spec/presenters/two_factor_authentication/webauthn_platform_selection_presenter_spec.rb
index 21855f0ba34..e8df4cb2222 100644
--- a/spec/presenters/two_factor_authentication/webauthn_platform_selection_presenter_spec.rb
+++ b/spec/presenters/two_factor_authentication/webauthn_platform_selection_presenter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe TwoFactorAuthentication::WebauthnPlatformSelectionPresenter do
+RSpec.describe TwoFactorAuthentication::WebauthnPlatformSelectionPresenter do
   let(:user_without_mfa) { create(:user) }
   let(:user_with_mfa) { create(:user) }
   let(:configuration) {}
diff --git a/spec/presenters/two_factor_authentication/webauthn_selection_presenter_spec.rb b/spec/presenters/two_factor_authentication/webauthn_selection_presenter_spec.rb
index 715aa778c87..47adc432a5b 100644
--- a/spec/presenters/two_factor_authentication/webauthn_selection_presenter_spec.rb
+++ b/spec/presenters/two_factor_authentication/webauthn_selection_presenter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe TwoFactorAuthentication::WebauthnSelectionPresenter do
+RSpec.describe TwoFactorAuthentication::WebauthnSelectionPresenter do
   let(:user_without_mfa) { create(:user) }
   let(:user_with_mfa) { create(:user) }
   let(:configuration) {}
diff --git a/spec/presenters/two_factor_login_options_presenter_spec.rb b/spec/presenters/two_factor_login_options_presenter_spec.rb
index 2aa6cc721de..9dbedde7a9d 100644
--- a/spec/presenters/two_factor_login_options_presenter_spec.rb
+++ b/spec/presenters/two_factor_login_options_presenter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe TwoFactorLoginOptionsPresenter do
+RSpec.describe TwoFactorLoginOptionsPresenter do
   include Rails.application.routes.url_helpers
 
   let(:user) { User.new }
diff --git a/spec/presenters/two_factor_options_presenter_spec.rb b/spec/presenters/two_factor_options_presenter_spec.rb
index 5a8437e4eaa..c0f5c9fe90f 100644
--- a/spec/presenters/two_factor_options_presenter_spec.rb
+++ b/spec/presenters/two_factor_options_presenter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe TwoFactorOptionsPresenter do
+RSpec.describe TwoFactorOptionsPresenter do
   include Rails.application.routes.url_helpers
   include RequestHelper
 
diff --git a/spec/presenters/utc_time_presenter_spec.rb b/spec/presenters/utc_time_presenter_spec.rb
index ed48d480288..ecc89d27376 100644
--- a/spec/presenters/utc_time_presenter_spec.rb
+++ b/spec/presenters/utc_time_presenter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe UtcTimePresenter do
+RSpec.describe UtcTimePresenter do
   describe '#to_s' do
     it 'returns the formatted timestamp in a string' do
       timestamp = Time.use_zone('UTC') do
diff --git a/spec/presenters/webauthn_setup_presenter_spec.rb b/spec/presenters/webauthn_setup_presenter_spec.rb
index a0f380c1c91..c6d7f68d7eb 100644
--- a/spec/presenters/webauthn_setup_presenter_spec.rb
+++ b/spec/presenters/webauthn_setup_presenter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe WebauthnSetupPresenter do
+RSpec.describe WebauthnSetupPresenter do
   let(:user) { build(:user) }
   let(:user_fully_authenticated) { false }
   let(:user_opted_remember_device_cookie) { true }
diff --git a/spec/requests/acuant_sdk_spec.rb b/spec/requests/acuant_sdk_spec.rb
index 1d794309049..b250102d356 100644
--- a/spec/requests/acuant_sdk_spec.rb
+++ b/spec/requests/acuant_sdk_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'acuant sdk versions' do
+RSpec.describe 'acuant sdk versions' do
   default_version = IdentityConfig.store.idv_acuant_sdk_version_default
   alternate_version = IdentityConfig.store.idv_acuant_sdk_version_alternate
   acuant_entries = Dir.entries(Rails.root.join('public', 'acuant'))
@@ -14,7 +14,7 @@
   end
 end
 
-describe 'requesting acuant SDK assets' do
+RSpec.describe 'requesting acuant SDK assets' do
   version = Pathname.new(Dir[Rails.root.join('public/acuant/*')].first).basename.to_s
   base_url = "/acuant/#{version}"
 
diff --git a/spec/requests/i18n_spec.rb b/spec/requests/i18n_spec.rb
index 8b0fe2a6eac..8f1fa3e1c99 100644
--- a/spec/requests/i18n_spec.rb
+++ b/spec/requests/i18n_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'i18n requests' do
+RSpec.describe 'i18n requests' do
   context 'with CSRF errors' do
     before do
       ActionController::Base.allow_forgery_protection = true
diff --git a/spec/requests/invalid_sign_in_params_spec.rb b/spec/requests/invalid_sign_in_params_spec.rb
index c4721221143..82ad2fb9929 100644
--- a/spec/requests/invalid_sign_in_params_spec.rb
+++ b/spec/requests/invalid_sign_in_params_spec.rb
@@ -1,13 +1,15 @@
 require 'rails_helper'
 
-describe 'visiting sign in page with invalid user params' do
-  it 'does not raise an exception' do
-    get new_user_session_path, params: { user: 'test@test.com' }
+RSpec.describe 'sign in params' do
+  context 'visiting sign in page with invalid user params' do
+    it 'does not raise an exception' do
+      get new_user_session_path, params: { user: 'test@test.com' }
+    end
   end
-end
 
-context 'when the request_id param is present but with a nil value' do
-  it 'does not raise an error' do
-    get new_user_session_path, params: { request_id: nil }
+  context 'when the request_id param is present but with a nil value' do
+    it 'does not raise an error' do
+      get new_user_session_path, params: { request_id: nil }
+    end
   end
 end
diff --git a/spec/requests/openid_connect_authorize_spec.rb b/spec/requests/openid_connect_authorize_spec.rb
index 8ed91fa56ea..288ee26aa61 100644
--- a/spec/requests/openid_connect_authorize_spec.rb
+++ b/spec/requests/openid_connect_authorize_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'user signs in partially and visits openid_connect/authorize' do
+RSpec.describe 'user signs in partially and visits openid_connect/authorize' do
   let(:user) { create(:user, :fully_registered, with: { phone: '+1 (202) 555-1213' }) }
 
   it 'prompts the user to 2FA' do
diff --git a/spec/requests/rack_attack_spec.rb b/spec/requests/rack_attack_spec.rb
index e91280f2d1c..d4dcb5dd899 100644
--- a/spec/requests/rack_attack_spec.rb
+++ b/spec/requests/rack_attack_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'throttling requests' do
+RSpec.describe 'throttling requests' do
   before(:all) { Rack::Attack.cache.store = ActiveSupport::Cache::MemoryStore.new }
   before(:each) { Rack::Attack.cache.store.clear }
 
diff --git a/spec/routing/gpo_verification_routing_spec.rb b/spec/routing/gpo_verification_routing_spec.rb
index c01bb18bca9..0d064234cc8 100644
--- a/spec/routing/gpo_verification_routing_spec.rb
+++ b/spec/routing/gpo_verification_routing_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'GPO verification routes' do
+RSpec.describe 'GPO verification routes' do
   GET_ROUTES = %w[
     verify/usps
   ].freeze
diff --git a/spec/services/account_reset/cancel_request_for_user_spec.rb b/spec/services/account_reset/cancel_request_for_user_spec.rb
index 09fc1a4f371..78f6ca04d26 100644
--- a/spec/services/account_reset/cancel_request_for_user_spec.rb
+++ b/spec/services/account_reset/cancel_request_for_user_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe AccountReset::CancelRequestForUser do
+RSpec.describe AccountReset::CancelRequestForUser do
   let(:user) { create(:user) }
   let!(:account_reset_request) { AccountResetRequest.create(user: user, requested_at: 1.hour.ago) }
 
diff --git a/spec/services/account_reset/cancel_spec.rb b/spec/services/account_reset/cancel_spec.rb
index 15d247c2e6b..63661fefabb 100644
--- a/spec/services/account_reset/cancel_spec.rb
+++ b/spec/services/account_reset/cancel_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe AccountReset::Cancel do
+RSpec.describe AccountReset::Cancel do
   include AccountResetHelper
 
   let(:user) { create(:user, :fully_registered) }
diff --git a/spec/services/account_reset/delete_account_spec.rb b/spec/services/account_reset/delete_account_spec.rb
index 75ed8e04f79..fe561d2dbc5 100644
--- a/spec/services/account_reset/delete_account_spec.rb
+++ b/spec/services/account_reset/delete_account_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe AccountReset::DeleteAccount do
+RSpec.describe AccountReset::DeleteAccount do
   include AccountResetHelper
 
   let(:expired_token_message) do
diff --git a/spec/services/account_reset/find_prending_request_for_user_spec.rb b/spec/services/account_reset/find_prending_request_for_user_spec.rb
index beb1e742a1e..d2a5fb7ba38 100644
--- a/spec/services/account_reset/find_prending_request_for_user_spec.rb
+++ b/spec/services/account_reset/find_prending_request_for_user_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe AccountReset::FindPendingRequestForUser do
+RSpec.describe AccountReset::FindPendingRequestForUser do
   describe '#call' do
     let(:user) { create(:user) }
     let(:granted_at) { nil }
diff --git a/spec/services/account_reset/grant_request_spec.rb b/spec/services/account_reset/grant_request_spec.rb
index fe85fc9dd56..c1acc53cbc7 100644
--- a/spec/services/account_reset/grant_request_spec.rb
+++ b/spec/services/account_reset/grant_request_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe AccountReset::GrantRequest do
+RSpec.describe AccountReset::GrantRequest do
   include AccountResetHelper
 
   let(:user) { create(:user) }
diff --git a/spec/services/account_reset/grant_requests_and_send_emails_spec.rb b/spec/services/account_reset/grant_requests_and_send_emails_spec.rb
index 13b0344dd93..54a8aab1093 100644
--- a/spec/services/account_reset/grant_requests_and_send_emails_spec.rb
+++ b/spec/services/account_reset/grant_requests_and_send_emails_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe AccountReset::GrantRequestsAndSendEmails do
+RSpec.describe AccountReset::GrantRequestsAndSendEmails do
   include AccountResetHelper
 
   let(:user) { create(:user) }
diff --git a/spec/services/account_reset/notify_user_of_request_cancellation_spec.rb b/spec/services/account_reset/notify_user_of_request_cancellation_spec.rb
index 300e1aa1ea1..9b0d1d9acf2 100644
--- a/spec/services/account_reset/notify_user_of_request_cancellation_spec.rb
+++ b/spec/services/account_reset/notify_user_of_request_cancellation_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe AccountReset::NotifyUserOfRequestCancellation do
+RSpec.describe AccountReset::NotifyUserOfRequestCancellation do
   let(:user) { create(:user) }
 
   subject { described_class.new(user) }
diff --git a/spec/services/account_reset/validate_granted_token_spec.rb b/spec/services/account_reset/validate_granted_token_spec.rb
index 93b60bd773a..cde471c1c7b 100644
--- a/spec/services/account_reset/validate_granted_token_spec.rb
+++ b/spec/services/account_reset/validate_granted_token_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe AccountReset::ValidateGrantedToken do
+RSpec.describe AccountReset::ValidateGrantedToken do
   include AccountResetHelper
 
   let(:expired_token_message) do
diff --git a/spec/services/active_profile_encryptor_spec.rb b/spec/services/active_profile_encryptor_spec.rb
index 8be40f8eb2e..568ff20e0de 100644
--- a/spec/services/active_profile_encryptor_spec.rb
+++ b/spec/services/active_profile_encryptor_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe ActiveProfileEncryptor do
+RSpec.describe ActiveProfileEncryptor do
   describe '#call' do
     it 'encrypts the profile' do
       decrypted_pii = { ssn: '1234' }.to_json
diff --git a/spec/services/agency_identity_linker_spec.rb b/spec/services/agency_identity_linker_spec.rb
index ab9b736aac8..32cde8fb0c2 100644
--- a/spec/services/agency_identity_linker_spec.rb
+++ b/spec/services/agency_identity_linker_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe AgencyIdentityLinker do
+RSpec.describe AgencyIdentityLinker do
   let(:user) { create(:user) }
   describe '#link_identity' do
     before(:each) { init_env(user) }
diff --git a/spec/services/analytics_spec.rb b/spec/services/analytics_spec.rb
index 70ca8e2f667..71c59518756 100644
--- a/spec/services/analytics_spec.rb
+++ b/spec/services/analytics_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Analytics do
+RSpec.describe Analytics do
   let(:analytics_attributes) do
     {
       user_id: current_user.uuid,
diff --git a/spec/services/attribute_asserter_spec.rb b/spec/services/attribute_asserter_spec.rb
index b2b9529a5ec..60eca6b7f96 100644
--- a/spec/services/attribute_asserter_spec.rb
+++ b/spec/services/attribute_asserter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe AttributeAsserter do
+RSpec.describe AttributeAsserter do
   include SamlAuthHelper
 
   let(:ial1_user) { create(:user, :fully_registered) }
diff --git a/spec/services/banned_user_resolver_spec.rb b/spec/services/banned_user_resolver_spec.rb
index 1a233ea9585..99aa7637127 100644
--- a/spec/services/banned_user_resolver_spec.rb
+++ b/spec/services/banned_user_resolver_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe BannedUserResolver do
+RSpec.describe BannedUserResolver do
   context 'the user is not banned' do
     it 'returns false' do
       user = create(:user)
diff --git a/spec/services/completions_decider_spec.rb b/spec/services/completions_decider_spec.rb
index 11e87afd5fa..779378ec424 100644
--- a/spec/services/completions_decider_spec.rb
+++ b/spec/services/completions_decider_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe CompletionsDecider do
+RSpec.describe CompletionsDecider do
   let(:desktop_user_agent) do
     'Mozilla/5.0 (Windows NT 10.0; Win64; x64) ' \
     'AppleWebKit/537.36 (KHTML, like Gecko) ' \
diff --git a/spec/services/db/add_document_verification_and_selfie_costs_spec.rb b/spec/services/db/add_document_verification_and_selfie_costs_spec.rb
index dfc776bde1d..273c028e323 100644
--- a/spec/services/db/add_document_verification_and_selfie_costs_spec.rb
+++ b/spec/services/db/add_document_verification_and_selfie_costs_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Db::AddDocumentVerificationAndSelfieCosts do
+RSpec.describe Db::AddDocumentVerificationAndSelfieCosts do
   let(:user_id) { 1 }
   let(:service_provider) { build(:service_provider, issuer: 'foo') }
   let(:billed_response) do
diff --git a/spec/services/db/monthly_auth_count/total_monthly_auth_counts_spec.rb b/spec/services/db/monthly_auth_count/total_monthly_auth_counts_spec.rb
index aa7f1fb8d2f..07f3c11d329 100644
--- a/spec/services/db/monthly_auth_count/total_monthly_auth_counts_spec.rb
+++ b/spec/services/db/monthly_auth_count/total_monthly_auth_counts_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Db::MonthlySpAuthCount::TotalMonthlyAuthCounts do
+RSpec.describe Db::MonthlySpAuthCount::TotalMonthlyAuthCounts do
   subject { described_class }
 
   let(:issuer) { 'foo' }
diff --git a/spec/services/db/sp_return_log_spec.rb b/spec/services/db/sp_return_log_spec.rb
index 610b26e457b..82de7510160 100644
--- a/spec/services/db/sp_return_log_spec.rb
+++ b/spec/services/db/sp_return_log_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Db::SpReturnLog do
+RSpec.describe Db::SpReturnLog do
   describe '#create_return' do
     it 'does not fail if row already exists' do
       sp_return_log = SpReturnLog.create(
diff --git a/spec/services/deleted_accounts_report_spec.rb b/spec/services/deleted_accounts_report_spec.rb
index 2646e520f8b..a82663287aa 100644
--- a/spec/services/deleted_accounts_report_spec.rb
+++ b/spec/services/deleted_accounts_report_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe DeletedAccountsReport do
+RSpec.describe DeletedAccountsReport do
   let(:service_provider) { 'urn:gov:gsa:openidconnect:sp:sinatra' }
   let(:days_ago) { 30 }
   describe '#call' do
diff --git a/spec/services/displayable_pii_formatter_spec.rb b/spec/services/displayable_pii_formatter_spec.rb
index 8674576850f..7f87cf3aff6 100644
--- a/spec/services/displayable_pii_formatter_spec.rb
+++ b/spec/services/displayable_pii_formatter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe DisplayablePiiFormatter do
+RSpec.describe DisplayablePiiFormatter do
   let(:last_sign_in_email_address) { 'test1@example.com' }
   let(:alternate_email_address) { 'test2@example.com' }
   let(:unconfirmed_email) { 'unconfirmed@example.com' }
diff --git a/spec/services/document_capture_session_result_spec.rb b/spec/services/document_capture_session_result_spec.rb
index 50435f21487..11f724a4206 100644
--- a/spec/services/document_capture_session_result_spec.rb
+++ b/spec/services/document_capture_session_result_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe DocumentCaptureSessionResult do
+RSpec.describe DocumentCaptureSessionResult do
   let(:id) { SecureRandom.uuid }
   let(:success) { true }
   let(:pii) { { 'first_name' => 'Testy', 'last_name' => 'Testerson' } }
diff --git a/spec/services/email_confirmation_token_validator_spec.rb b/spec/services/email_confirmation_token_validator_spec.rb
index 2ca4581023c..8be91518c75 100644
--- a/spec/services/email_confirmation_token_validator_spec.rb
+++ b/spec/services/email_confirmation_token_validator_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe EmailConfirmationTokenValidator do
+RSpec.describe EmailConfirmationTokenValidator do
   describe '#submit' do
     subject { described_class.new(email_address, current_user) }
 
diff --git a/spec/services/encrypted_attribute_spec.rb b/spec/services/encrypted_attribute_spec.rb
index 6ffdb43ba45..0685d6e8cd5 100644
--- a/spec/services/encrypted_attribute_spec.rb
+++ b/spec/services/encrypted_attribute_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe EncryptedAttribute do
+RSpec.describe EncryptedAttribute do
   let(:email) { 'someone@example.com' }
   let(:fingerprint) { Pii::Fingerprinter.fingerprint(email) }
   let(:encrypted_email) do
diff --git a/spec/services/encryption/aes_cipher_spec.rb b/spec/services/encryption/aes_cipher_spec.rb
index 59eb8d17063..42dc0d666a3 100644
--- a/spec/services/encryption/aes_cipher_spec.rb
+++ b/spec/services/encryption/aes_cipher_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Encryption::AesCipher do
+RSpec.describe Encryption::AesCipher do
   let(:plaintext) { 'some long secret' }
   let(:cek) { SecureRandom.random_bytes(32) }
 
diff --git a/spec/services/encryption/aes_cipher_v2_spec.rb b/spec/services/encryption/aes_cipher_v2_spec.rb
index 7efb7317d96..29dd54cb120 100644
--- a/spec/services/encryption/aes_cipher_v2_spec.rb
+++ b/spec/services/encryption/aes_cipher_v2_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Encryption::AesCipherV2 do
+RSpec.describe Encryption::AesCipherV2 do
   let(:plaintext) { 'some long secret' }
   let(:cek) { SecureRandom.random_bytes(32) }
 
diff --git a/spec/services/encryption/contextless_kms_client_spec.rb b/spec/services/encryption/contextless_kms_client_spec.rb
index 1247bbafbad..4de95fe3e2f 100644
--- a/spec/services/encryption/contextless_kms_client_spec.rb
+++ b/spec/services/encryption/contextless_kms_client_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Encryption::ContextlessKmsClient do
+RSpec.describe Encryption::ContextlessKmsClient do
   let(:password_pepper) { '1' * 32 }
   let(:local_plaintext) { 'local plaintext' }
   let(:local_ciphertext) { 'local ciphertext' }
diff --git a/spec/services/encryption/encryptors/aes_encryptor_spec.rb b/spec/services/encryption/encryptors/aes_encryptor_spec.rb
index b6142be0cfc..89f86916479 100644
--- a/spec/services/encryption/encryptors/aes_encryptor_spec.rb
+++ b/spec/services/encryption/encryptors/aes_encryptor_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Encryption::Encryptors::AesEncryptor do
+RSpec.describe Encryption::Encryptors::AesEncryptor do
   let(:aes_cek) { SecureRandom.random_bytes(32) }
   let(:plaintext) { 'four score and seven years ago' }
 
diff --git a/spec/services/encryption/encryptors/aes_encryptor_v2_spec.rb b/spec/services/encryption/encryptors/aes_encryptor_v2_spec.rb
index 91dbdc4c674..352d17a4987 100644
--- a/spec/services/encryption/encryptors/aes_encryptor_v2_spec.rb
+++ b/spec/services/encryption/encryptors/aes_encryptor_v2_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Encryption::Encryptors::AesEncryptorV2 do
+RSpec.describe Encryption::Encryptors::AesEncryptorV2 do
   let(:aes_cek) { SecureRandom.random_bytes(32) }
   let(:plaintext) { 'four score and seven years ago' }
 
diff --git a/spec/services/encryption/encryptors/attribute_encryptor_spec.rb b/spec/services/encryption/encryptors/attribute_encryptor_spec.rb
index d6351f2eb07..7e58fa76c49 100644
--- a/spec/services/encryption/encryptors/attribute_encryptor_spec.rb
+++ b/spec/services/encryption/encryptors/attribute_encryptor_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Encryption::Encryptors::AttributeEncryptor do
+RSpec.describe Encryption::Encryptors::AttributeEncryptor do
   let(:plaintext) { 'some secret text' }
   let(:current_key) { '1' * 32 }
   let(:retired_key) { '2' * 32 }
diff --git a/spec/services/encryption/encryptors/background_proofing_arg_encryptor_spec.rb b/spec/services/encryption/encryptors/background_proofing_arg_encryptor_spec.rb
index 4983909ce6c..0c93606e525 100644
--- a/spec/services/encryption/encryptors/background_proofing_arg_encryptor_spec.rb
+++ b/spec/services/encryption/encryptors/background_proofing_arg_encryptor_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Encryption::Encryptors::BackgroundProofingArgEncryptor do
+RSpec.describe Encryption::Encryptors::BackgroundProofingArgEncryptor do
   let(:plaintext) { '{ "foo": "bar" }' }
 
   describe '#encrypt' do
diff --git a/spec/services/encryption/encryptors/pii_encryptor_spec.rb b/spec/services/encryption/encryptors/pii_encryptor_spec.rb
index 8cc2491e0b8..0e41ec722b2 100644
--- a/spec/services/encryption/encryptors/pii_encryptor_spec.rb
+++ b/spec/services/encryption/encryptors/pii_encryptor_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Encryption::Encryptors::PiiEncryptor do
+RSpec.describe Encryption::Encryptors::PiiEncryptor do
   let(:password) { 'password' }
   let(:plaintext) { 'Oooh baby baby' }
 
diff --git a/spec/services/encryption/encryptors/session_encryptor_spec.rb b/spec/services/encryption/encryptors/session_encryptor_spec.rb
index 498c599a56d..eb61573dc3e 100644
--- a/spec/services/encryption/encryptors/session_encryptor_spec.rb
+++ b/spec/services/encryption/encryptors/session_encryptor_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Encryption::Encryptors::SessionEncryptor do
+RSpec.describe Encryption::Encryptors::SessionEncryptor do
   let(:plaintext) { '{ "foo": "bar" }' }
 
   describe '#encrypt' do
diff --git a/spec/services/encryption/kms_client_spec.rb b/spec/services/encryption/kms_client_spec.rb
index c8e3dbbdbec..fbf7a6e2d99 100644
--- a/spec/services/encryption/kms_client_spec.rb
+++ b/spec/services/encryption/kms_client_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Encryption::KmsClient do
+RSpec.describe Encryption::KmsClient do
   before do
     # rubocop:disable Layout/LineLength
     stub_mapped_aws_kms_client(
diff --git a/spec/services/encryption/kms_logger_spec.rb b/spec/services/encryption/kms_logger_spec.rb
index f012453262d..1584ada31f4 100644
--- a/spec/services/encryption/kms_logger_spec.rb
+++ b/spec/services/encryption/kms_logger_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Encryption::KmsLogger do
+RSpec.describe Encryption::KmsLogger do
   describe '.log' do
     context 'with a context' do
       it 'logs the context' do
diff --git a/spec/services/encryption/multi_region_kms_client_spec.rb b/spec/services/encryption/multi_region_kms_client_spec.rb
index d82e7e0766c..c64856efdc3 100644
--- a/spec/services/encryption/multi_region_kms_client_spec.rb
+++ b/spec/services/encryption/multi_region_kms_client_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Encryption::MultiRegionKmsClient do
+RSpec.describe Encryption::MultiRegionKmsClient do
   let(:kms_enabled) { true }
   let(:kms_multi_region_enabled) { true }
   let(:aws_kms_regions) { %w[us-north-1 us-south-1] }
diff --git a/spec/services/encryption/password_verifier_spec.rb b/spec/services/encryption/password_verifier_spec.rb
index 36a1f2d34d2..61a96094332 100644
--- a/spec/services/encryption/password_verifier_spec.rb
+++ b/spec/services/encryption/password_verifier_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Encryption::PasswordVerifier do
+RSpec.describe Encryption::PasswordVerifier do
   let(:password) { 'saltypickles' }
   let(:user_uuid) { 'asdf-1234' }
 
diff --git a/spec/services/encryption/uak_password_verifier_spec.rb b/spec/services/encryption/uak_password_verifier_spec.rb
index c6f7a13e6f3..715ba15b0d0 100644
--- a/spec/services/encryption/uak_password_verifier_spec.rb
+++ b/spec/services/encryption/uak_password_verifier_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Encryption::UakPasswordVerifier do
+RSpec.describe Encryption::UakPasswordVerifier do
   describe Encryption::UakPasswordVerifier::PasswordDigest do
     describe '.parse_from_string' do
       it 'does not blow up with unknown/new keys' do
diff --git a/spec/services/encryption/user_access_key_spec.rb b/spec/services/encryption/user_access_key_spec.rb
index 5a5f264ba26..51ae7fca0d6 100644
--- a/spec/services/encryption/user_access_key_spec.rb
+++ b/spec/services/encryption/user_access_key_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Encryption::UserAccessKey do
+RSpec.describe Encryption::UserAccessKey do
   let(:password) { 'this is a password' }
   let(:salt) { '1' * 64 } # hex encoded 32 random bytes
   let(:cost) { '800$8$1$' }
diff --git a/spec/services/event_disavowal/disavow_event_spec.rb b/spec/services/event_disavowal/disavow_event_spec.rb
index 94f85a5f836..cd7abf99b2b 100644
--- a/spec/services/event_disavowal/disavow_event_spec.rb
+++ b/spec/services/event_disavowal/disavow_event_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe EventDisavowal::DisavowEvent do
+RSpec.describe EventDisavowal::DisavowEvent do
   describe '#call' do
     it 'sets disavowed_at' do
       event = create(:event, disavowed_at: nil)
diff --git a/spec/services/event_disavowal/find_disavowed_event_spec.rb b/spec/services/event_disavowal/find_disavowed_event_spec.rb
index 9d2e519468f..4a2735c932a 100644
--- a/spec/services/event_disavowal/find_disavowed_event_spec.rb
+++ b/spec/services/event_disavowal/find_disavowed_event_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe EventDisavowal::FindDisavowedEvent do
+RSpec.describe EventDisavowal::FindDisavowedEvent do
   describe '#call' do
     let(:disavowal_token) { '1234abcd' }
 
diff --git a/spec/services/event_disavowal/validate_disavowed_event_spec.rb b/spec/services/event_disavowal/validate_disavowed_event_spec.rb
index 5d0770a5d63..d66372bb04f 100644
--- a/spec/services/event_disavowal/validate_disavowed_event_spec.rb
+++ b/spec/services/event_disavowal/validate_disavowed_event_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe EventDisavowal::ValidateDisavowedEvent do
+RSpec.describe EventDisavowal::ValidateDisavowedEvent do
   let(:event) { create(:event) }
   subject { described_class.new(event) }
 
diff --git a/spec/services/form_response_spec.rb b/spec/services/form_response_spec.rb
index 2f8f9fc4a28..9898d2e5eb7 100644
--- a/spec/services/form_response_spec.rb
+++ b/spec/services/form_response_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe FormResponse do
+RSpec.describe FormResponse do
   describe '#success?' do
     context 'when the success argument is true' do
       it 'returns true' do
diff --git a/spec/services/frontend_logger_spec.rb b/spec/services/frontend_logger_spec.rb
index c9344fa129e..01bffa7ce85 100644
--- a/spec/services/frontend_logger_spec.rb
+++ b/spec/services/frontend_logger_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe FrontendLogger do
+RSpec.describe FrontendLogger do
   module ExampleAnalyticsEvents
     def example_method_handler(ok:, **rest)
       track_event('example', ok: ok, rest: rest)
diff --git a/spec/services/funnel/registration/add_mfa_spec.rb b/spec/services/funnel/registration/add_mfa_spec.rb
index 4bdd14b5331..6fde1986586 100644
--- a/spec/services/funnel/registration/add_mfa_spec.rb
+++ b/spec/services/funnel/registration/add_mfa_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Funnel::Registration::AddMfa do
+RSpec.describe Funnel::Registration::AddMfa do
   let(:analytics) { FakeAnalytics.new }
   subject { described_class }
 
diff --git a/spec/services/funnel/registration/total_registered_count_spec.rb b/spec/services/funnel/registration/total_registered_count_spec.rb
index 89c8e13578b..39fa0db3280 100644
--- a/spec/services/funnel/registration/total_registered_count_spec.rb
+++ b/spec/services/funnel/registration/total_registered_count_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Funnel::Registration::TotalRegisteredCount do
+RSpec.describe Funnel::Registration::TotalRegisteredCount do
   let(:analytics) { FakeAnalytics.new }
   subject { described_class }
 
diff --git a/spec/services/gpo_confirmation_exporter_spec.rb b/spec/services/gpo_confirmation_exporter_spec.rb
index ac194705b8a..40b6d033923 100644
--- a/spec/services/gpo_confirmation_exporter_spec.rb
+++ b/spec/services/gpo_confirmation_exporter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe GpoConfirmationExporter do
+RSpec.describe GpoConfirmationExporter do
   let(:issuer) { 'http://localhost:3000' }
   let(:service_provider) { ServiceProvider.find_by(issuer: issuer) }
   let(:confirmations) do
diff --git a/spec/services/gpo_confirmation_maker_spec.rb b/spec/services/gpo_confirmation_maker_spec.rb
index 7091b44052b..0823c881a5c 100644
--- a/spec/services/gpo_confirmation_maker_spec.rb
+++ b/spec/services/gpo_confirmation_maker_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe GpoConfirmationMaker do
+RSpec.describe GpoConfirmationMaker do
   let(:otp) { '123ABC' }
   let(:issuer) { 'this-is-an-issuer' }
   let(:service_provider) { build(:service_provider, issuer: issuer) }
diff --git a/spec/services/gpo_confirmation_spec.rb b/spec/services/gpo_confirmation_spec.rb
index 6b14559fe23..53482a901a3 100644
--- a/spec/services/gpo_confirmation_spec.rb
+++ b/spec/services/gpo_confirmation_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe GpoConfirmation do
+RSpec.describe GpoConfirmation do
   let(:attributes) do
     {
       first_name: 'Homer',
diff --git a/spec/services/identity_linker_spec.rb b/spec/services/identity_linker_spec.rb
index 53e05b3b33e..9e50e8e2211 100644
--- a/spec/services/identity_linker_spec.rb
+++ b/spec/services/identity_linker_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe IdentityLinker do
+RSpec.describe IdentityLinker do
   describe '#link_identity' do
     let(:user) { create(:user) }
     let(:service_provider) { build(:service_provider, issuer: 'test.host') }
diff --git a/spec/services/idv/agent_spec.rb b/spec/services/idv/agent_spec.rb
index 72baae98c94..708eee43ecf 100644
--- a/spec/services/idv/agent_spec.rb
+++ b/spec/services/idv/agent_spec.rb
@@ -1,7 +1,7 @@
 require 'rails_helper'
 require 'ostruct'
 
-describe Idv::Agent do
+RSpec.describe Idv::Agent do
   include IdvHelper
 
   let(:user) { build(:user) }
diff --git a/spec/services/idv/analytics_events_enhancer_spec.rb b/spec/services/idv/analytics_events_enhancer_spec.rb
index af3eda5aaac..9011b3f6e91 100644
--- a/spec/services/idv/analytics_events_enhancer_spec.rb
+++ b/spec/services/idv/analytics_events_enhancer_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::AnalyticsEventsEnhancer do
+RSpec.describe Idv::AnalyticsEventsEnhancer do
   let(:user) { build(:user) }
   let(:analytics_class) do
     Class.new(FakeAnalytics) do
diff --git a/spec/services/idv/cancel_verification_attempt_spec.rb b/spec/services/idv/cancel_verification_attempt_spec.rb
index 3374b9bfe77..eabb5679d92 100644
--- a/spec/services/idv/cancel_verification_attempt_spec.rb
+++ b/spec/services/idv/cancel_verification_attempt_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::CancelVerificationAttempt do
+RSpec.describe Idv::CancelVerificationAttempt do
   let(:user) { create(:user, profiles: profiles) }
   let(:profiles) { [create(:profile, gpo_verification_pending_at: 1.day.ago)] }
 
diff --git a/spec/services/idv/data_url_image_spec.rb b/spec/services/idv/data_url_image_spec.rb
index 0d019a1e90b..87fec7a5bdb 100644
--- a/spec/services/idv/data_url_image_spec.rb
+++ b/spec/services/idv/data_url_image_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::DataUrlImage do
+RSpec.describe Idv::DataUrlImage do
   let(:data) { 'abc def' }
   let(:data_url) { "data:image/jpeg,#{Addressable::URI.encode(data)}" }
   subject(:data_url_image) { described_class.new(data_url) }
diff --git a/spec/services/idv/doc_auth_form_response_spec.rb b/spec/services/idv/doc_auth_form_response_spec.rb
index f93c5415411..09eb3ae743d 100644
--- a/spec/services/idv/doc_auth_form_response_spec.rb
+++ b/spec/services/idv/doc_auth_form_response_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::DocAuthFormResponse do
+RSpec.describe Idv::DocAuthFormResponse do
   let(:extra) { {} }
   subject(:response) { described_class.new(success: true, extra: extra) }
 
diff --git a/spec/services/idv/duplicate_ssn_finder_spec.rb b/spec/services/idv/duplicate_ssn_finder_spec.rb
index f2a95c2ec83..e93a2faf6fb 100644
--- a/spec/services/idv/duplicate_ssn_finder_spec.rb
+++ b/spec/services/idv/duplicate_ssn_finder_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::DuplicateSsnFinder do
+RSpec.describe Idv::DuplicateSsnFinder do
   describe '#ssn_is_unique?' do
     let(:ssn) { '123-45-6789' }
     let(:user) { create(:user) }
diff --git a/spec/services/idv/gpo_mail_spec.rb b/spec/services/idv/gpo_mail_spec.rb
index 557633a60ae..24ab2063dca 100644
--- a/spec/services/idv/gpo_mail_spec.rb
+++ b/spec/services/idv/gpo_mail_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::GpoMail do
+RSpec.describe Idv::GpoMail do
   let(:user) { create(:user) }
   let(:subject) { Idv::GpoMail.new(user) }
 
diff --git a/spec/services/idv/in_person/completion_survey_sender_spec.rb b/spec/services/idv/in_person/completion_survey_sender_spec.rb
index 5182ab02dca..0e524d763bc 100644
--- a/spec/services/idv/in_person/completion_survey_sender_spec.rb
+++ b/spec/services/idv/in_person/completion_survey_sender_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::InPerson::CompletionSurveySender do
+RSpec.describe Idv::InPerson::CompletionSurveySender do
   describe '.send_completion_survey' do
     let(:user) { create(:user) }
     let(:issuer) { 'test_issuer' }
diff --git a/spec/services/idv/in_person/enrollment_code_formatter_spec.rb b/spec/services/idv/in_person/enrollment_code_formatter_spec.rb
index 886cb319140..8f13bf3d57f 100644
--- a/spec/services/idv/in_person/enrollment_code_formatter_spec.rb
+++ b/spec/services/idv/in_person/enrollment_code_formatter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::InPerson::EnrollmentCodeFormatter do
+RSpec.describe Idv::InPerson::EnrollmentCodeFormatter do
   describe '.format' do
     it 'returns a formatted code' do
       result = described_class.format('2048702198804358')
diff --git a/spec/services/idv/in_person_config_spec.rb b/spec/services/idv/in_person_config_spec.rb
index fdabe37e448..0665aa2fbb4 100644
--- a/spec/services/idv/in_person_config_spec.rb
+++ b/spec/services/idv/in_person_config_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::InPersonConfig do
+RSpec.describe Idv::InPersonConfig do
   let(:in_person_proofing_enabled) { false }
   let(:idv_sp_required) { false }
 
diff --git a/spec/services/idv/phone_step_spec.rb b/spec/services/idv/phone_step_spec.rb
index a3400986d9e..3435e7e856e 100644
--- a/spec/services/idv/phone_step_spec.rb
+++ b/spec/services/idv/phone_step_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::PhoneStep do
+RSpec.describe Idv::PhoneStep do
   include IdvHelper
 
   before { stub_attempts_tracker }
diff --git a/spec/services/idv/profile_maker_spec.rb b/spec/services/idv/profile_maker_spec.rb
index a88311dca3c..0a58713e2f6 100644
--- a/spec/services/idv/profile_maker_spec.rb
+++ b/spec/services/idv/profile_maker_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::ProfileMaker do
+RSpec.describe Idv::ProfileMaker do
   describe '#save_profile' do
     let(:applicant) { { first_name: 'Some', last_name: 'One' } }
     let(:user) { create(:user, :fully_registered) }
diff --git a/spec/services/idv/proofing_components_logging_spec.rb b/spec/services/idv/proofing_components_logging_spec.rb
index 6233d3563ac..b270a722c8d 100644
--- a/spec/services/idv/proofing_components_logging_spec.rb
+++ b/spec/services/idv/proofing_components_logging_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::ProofingComponentsLogging do
+RSpec.describe Idv::ProofingComponentsLogging do
   describe '#as_json' do
     it 'returns hash with nil values omitted' do
       proofing_components = ProofingComponent.new(document_check: Idp::Constants::Vendors::AAMVA)
diff --git a/spec/services/idv/send_phone_confirmation_otp_spec.rb b/spec/services/idv/send_phone_confirmation_otp_spec.rb
index 0cbffd9a883..4fd7b6dc590 100644
--- a/spec/services/idv/send_phone_confirmation_otp_spec.rb
+++ b/spec/services/idv/send_phone_confirmation_otp_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::SendPhoneConfirmationOtp do
+RSpec.describe Idv::SendPhoneConfirmationOtp do
   let(:phone) { '+1 225-555-5000' }
   let(:parsed_phone) { Phonelib.parse(phone) }
   let(:delivery_preference) { :sms }
diff --git a/spec/services/idv/session_spec.rb b/spec/services/idv/session_spec.rb
index f604848e77c..50a7c130162 100644
--- a/spec/services/idv/session_spec.rb
+++ b/spec/services/idv/session_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::Session do
+RSpec.describe Idv::Session do
   let(:user) { create(:user) }
   let(:user_session) { {} }
 
diff --git a/spec/services/idv/steps/in_person/address_step_spec.rb b/spec/services/idv/steps/in_person/address_step_spec.rb
index 04e17af5c12..5a0e33ca736 100644
--- a/spec/services/idv/steps/in_person/address_step_spec.rb
+++ b/spec/services/idv/steps/in_person/address_step_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::Steps::InPerson::AddressStep do
+RSpec.describe Idv::Steps::InPerson::AddressStep do
   include InPersonHelper
   let(:submitted_values) { {} }
   let(:pii_from_user) { flow.flow_session[:pii_from_user] }
diff --git a/spec/services/idv/steps/in_person/ssn_step_spec.rb b/spec/services/idv/steps/in_person/ssn_step_spec.rb
index 0c5502c0d70..0511fc48401 100644
--- a/spec/services/idv/steps/in_person/ssn_step_spec.rb
+++ b/spec/services/idv/steps/in_person/ssn_step_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::Steps::InPerson::SsnStep do
+RSpec.describe Idv::Steps::InPerson::SsnStep do
   let(:ssn) { Idp::Constants::MOCK_IDV_APPLICANT_WITH_SSN[:ssn] }
   let(:params) { { doc_auth: { ssn: ssn } } }
   let(:session) { { sp: { issuer: service_provider.issuer } } }
diff --git a/spec/services/idv/steps/in_person/state_id_step_spec.rb b/spec/services/idv/steps/in_person/state_id_step_spec.rb
index b5c16c2a7b0..7c17be3e61f 100644
--- a/spec/services/idv/steps/in_person/state_id_step_spec.rb
+++ b/spec/services/idv/steps/in_person/state_id_step_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::Steps::InPerson::StateIdStep do
+RSpec.describe Idv::Steps::InPerson::StateIdStep do
   include InPersonHelper
   let(:submitted_values) { {} }
   let(:params) { ActionController::Parameters.new({ state_id: submitted_values }) }
diff --git a/spec/services/idv/steps/in_person/verify_step_spec.rb b/spec/services/idv/steps/in_person/verify_step_spec.rb
index ef0f3392c5c..0bfe10c4bd0 100644
--- a/spec/services/idv/steps/in_person/verify_step_spec.rb
+++ b/spec/services/idv/steps/in_person/verify_step_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::Steps::InPerson::VerifyStep do
+RSpec.describe Idv::Steps::InPerson::VerifyStep do
   include Rails.application.routes.url_helpers
 
   let(:user) { build(:user) }
diff --git a/spec/services/idv/steps/in_person/verify_wait_step_show_spec.rb b/spec/services/idv/steps/in_person/verify_wait_step_show_spec.rb
index 7a5e9d6e095..e70121c5a54 100644
--- a/spec/services/idv/steps/in_person/verify_wait_step_show_spec.rb
+++ b/spec/services/idv/steps/in_person/verify_wait_step_show_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::Steps::InPerson::VerifyWaitStepShow do
+RSpec.describe Idv::Steps::InPerson::VerifyWaitStepShow do
   include Rails.application.routes.url_helpers
 
   let(:user) { build(:user) }
diff --git a/spec/services/idv/steps/welcome_step_spec.rb b/spec/services/idv/steps/welcome_step_spec.rb
index 386b843fedc..9b7e1af7d52 100644
--- a/spec/services/idv/steps/welcome_step_spec.rb
+++ b/spec/services/idv/steps/welcome_step_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Idv::Steps::WelcomeStep do
+RSpec.describe Idv::Steps::WelcomeStep do
   include Rails.application.routes.url_helpers
 
   let(:user) { build(:user) }
diff --git a/spec/services/irs_attempts_api/redis_client_spec.rb b/spec/services/irs_attempts_api/redis_client_spec.rb
index 56b312aae90..cdadd341e9c 100644
--- a/spec/services/irs_attempts_api/redis_client_spec.rb
+++ b/spec/services/irs_attempts_api/redis_client_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe IrsAttemptsApi::RedisClient do
+RSpec.describe IrsAttemptsApi::RedisClient do
   describe '#write_event' do
     it 'writes the attempt data to redis with the event key as the key' do
       freeze_time do
diff --git a/spec/services/key_rotator/attribute_encryption_spec.rb b/spec/services/key_rotator/attribute_encryption_spec.rb
index 3b0a8f17e94..5aece7f884e 100644
--- a/spec/services/key_rotator/attribute_encryption_spec.rb
+++ b/spec/services/key_rotator/attribute_encryption_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe KeyRotator::AttributeEncryption do
+RSpec.describe KeyRotator::AttributeEncryption do
   describe '#rotate' do
     let(:rotator) { described_class.new(email_address) }
     let(:email_address) { create(:email_address) }
diff --git a/spec/services/key_rotator/hmac_fingerprinter_spec.rb b/spec/services/key_rotator/hmac_fingerprinter_spec.rb
index 48246edd47a..a9702bdff5d 100644
--- a/spec/services/key_rotator/hmac_fingerprinter_spec.rb
+++ b/spec/services/key_rotator/hmac_fingerprinter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe KeyRotator::HmacFingerprinter do
+RSpec.describe KeyRotator::HmacFingerprinter do
   describe '#rotate' do
     let(:pii_hash) do
       {
diff --git a/spec/services/otp_preference_updater_spec.rb b/spec/services/otp_preference_updater_spec.rb
index 998611513b5..a0acbde75a2 100644
--- a/spec/services/otp_preference_updater_spec.rb
+++ b/spec/services/otp_preference_updater_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe OtpPreferenceUpdater do
+RSpec.describe OtpPreferenceUpdater do
   subject do
     OtpPreferenceUpdater.new(
       user: build_stubbed(:user, otp_delivery_preference: 'sms'),
diff --git a/spec/services/outage_status_spec.rb b/spec/services/outage_status_spec.rb
index 84bb778b259..52c110bcd8c 100644
--- a/spec/services/outage_status_spec.rb
+++ b/spec/services/outage_status_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe OutageStatus do
+RSpec.describe OutageStatus do
   subject(:vendor_status) do
     OutageStatus.new
   end
diff --git a/spec/services/parse_controller_from_referer_spec.rb b/spec/services/parse_controller_from_referer_spec.rb
index e39533bfc85..027662c5b6c 100644
--- a/spec/services/parse_controller_from_referer_spec.rb
+++ b/spec/services/parse_controller_from_referer_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe ParseControllerFromReferer do
+RSpec.describe ParseControllerFromReferer do
   describe '#call' do
     context 'when the referer is nil' do
       it 'returns "no referer" string' do
diff --git a/spec/services/personal_key_generator_spec.rb b/spec/services/personal_key_generator_spec.rb
index 55b1408e9c1..8e5899d646d 100644
--- a/spec/services/personal_key_generator_spec.rb
+++ b/spec/services/personal_key_generator_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe PersonalKeyGenerator do
+RSpec.describe PersonalKeyGenerator do
   let(:personal_key) { Base32::Crockford.encode(100 ** 10, length: 16, split: 4).tr('-', ' ') }
   let(:bad_code) { Base32::Crockford.encode(100 ** 9, length: 16, split: 4).tr('-', ' ') }
   let(:invalid_base32_code) { 'four score has letter U in it' }
diff --git a/spec/services/phone_formatter_spec.rb b/spec/services/phone_formatter_spec.rb
index 232d554becf..b9547138989 100644
--- a/spec/services/phone_formatter_spec.rb
+++ b/spec/services/phone_formatter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe PhoneFormatter do
+RSpec.describe PhoneFormatter do
   describe '#format' do
     it 'formats international numbers correctly' do
       phone = '+40211234567'
diff --git a/spec/services/phone_number_capabilities_spec.rb b/spec/services/phone_number_capabilities_spec.rb
index 5ca9cabbe1c..7cb4cb64fc8 100644
--- a/spec/services/phone_number_capabilities_spec.rb
+++ b/spec/services/phone_number_capabilities_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe PhoneNumberCapabilities do
+RSpec.describe PhoneNumberCapabilities do
   let(:phone) { '+1 (703) 555-5000' }
   let(:phone_confirmed) { false }
   subject(:capabilities) { PhoneNumberCapabilities.new(phone, phone_confirmed: phone_confirmed) }
diff --git a/spec/services/phone_recaptcha_validator_spec.rb b/spec/services/phone_recaptcha_validator_spec.rb
index bc1faf65502..f3e07340fa1 100644
--- a/spec/services/phone_recaptcha_validator_spec.rb
+++ b/spec/services/phone_recaptcha_validator_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe PhoneRecaptchaValidator do
+RSpec.describe PhoneRecaptchaValidator do
   let(:country_score_overrides_config) { {} }
   let(:score_threshold_config) { 0.2 }
   let(:parsed_phone) { Phonelib.parse('+15135551234') }
diff --git a/spec/services/pii/attributes_spec.rb b/spec/services/pii/attributes_spec.rb
index 64a139e0929..7b1e027a445 100644
--- a/spec/services/pii/attributes_spec.rb
+++ b/spec/services/pii/attributes_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Pii::Attributes do
+RSpec.describe Pii::Attributes do
   let(:password) { 'I am the password' }
 
   describe '#new_from_hash' do
diff --git a/spec/services/pii/cacher_spec.rb b/spec/services/pii/cacher_spec.rb
index b8d54947202..63a82030f64 100644
--- a/spec/services/pii/cacher_spec.rb
+++ b/spec/services/pii/cacher_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Pii::Cacher do
+RSpec.describe Pii::Cacher do
   let(:password) { 'salty peanuts are best' }
   let(:user) { create(:user, :with_phone, password: password) }
   let(:profile) do
diff --git a/spec/services/pii/fingerprinter_spec.rb b/spec/services/pii/fingerprinter_spec.rb
index af3b208e3b7..a39d02f89a2 100644
--- a/spec/services/pii/fingerprinter_spec.rb
+++ b/spec/services/pii/fingerprinter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Pii::Fingerprinter do
+RSpec.describe Pii::Fingerprinter do
   before do
     allow(IdentityConfig.store).to receive(:hmac_fingerprinter_key_queue).and_return(
       ['old-key-one', 'old-key-two'],
diff --git a/spec/services/pii/re_encryptor_spec.rb b/spec/services/pii/re_encryptor_spec.rb
index f8ac47fb69e..32eba2d1caa 100644
--- a/spec/services/pii/re_encryptor_spec.rb
+++ b/spec/services/pii/re_encryptor_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Pii::ReEncryptor do
+RSpec.describe Pii::ReEncryptor do
   describe '#perform' do
     it 're-encrypts PII using new code' do
       profile = create(:profile, :active, :verified, pii: { ssn: '1234' })
diff --git a/spec/services/piv_cac/check_config_spec.rb b/spec/services/piv_cac/check_config_spec.rb
index 8b1f9ae90ae..acab30772f5 100644
--- a/spec/services/piv_cac/check_config_spec.rb
+++ b/spec/services/piv_cac/check_config_spec.rb
@@ -2,7 +2,7 @@
 
 # Covers app/services/piv_cac/check_config.rb, which raises an error if the
 # piv_cac_verify_token_url is not configured with https in production environments.
-describe PivCac::CheckConfig do
+RSpec.describe PivCac::CheckConfig do
   let(:is_production) { false }
   let(:url) { 'http://non-secure.example.com/' }
 
diff --git a/spec/services/piv_cac_service_spec.rb b/spec/services/piv_cac_service_spec.rb
index 13e03621935..f6e7ae39017 100644
--- a/spec/services/piv_cac_service_spec.rb
+++ b/spec/services/piv_cac_service_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe PivCacService do
+RSpec.describe PivCacService do
   include Rails.application.routes.url_helpers
 
   describe '#randomize_uri' do
diff --git a/spec/services/proofing/aamva/applicant_spec.rb b/spec/services/proofing/aamva/applicant_spec.rb
index 2e380c5b697..bb22b20d376 100644
--- a/spec/services/proofing/aamva/applicant_spec.rb
+++ b/spec/services/proofing/aamva/applicant_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Proofing::Aamva::Applicant do
+RSpec.describe Proofing::Aamva::Applicant do
   let(:proofer_applicant) do
     {
       uuid: '1234-4567-abcd-efgh',
diff --git a/spec/services/proofing/aamva/authentication_client_spec.rb b/spec/services/proofing/aamva/authentication_client_spec.rb
index 2bbdcb0fda7..c787a754801 100644
--- a/spec/services/proofing/aamva/authentication_client_spec.rb
+++ b/spec/services/proofing/aamva/authentication_client_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Proofing::Aamva::AuthenticationClient do
+RSpec.describe Proofing::Aamva::AuthenticationClient do
   let(:config) { AamvaFixtures.example_config }
   let(:security_token_request_stub) do
     stub_request(:post, config.auth_url).
diff --git a/spec/services/proofing/aamva/hmac_secret_spec.rb b/spec/services/proofing/aamva/hmac_secret_spec.rb
index 2fb4dec5e01..be04b213ad4 100644
--- a/spec/services/proofing/aamva/hmac_secret_spec.rb
+++ b/spec/services/proofing/aamva/hmac_secret_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Proofing::Aamva::HmacSecret do
+RSpec.describe Proofing::Aamva::HmacSecret do
   let(:client_secret) { 'MDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDA=' }
   let(:server_secret) { 'MTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTE=' }
   let(:expected_result) { Base64.strict_decode64 'txJiPvOByVADlND/OgUqlJFKoZlR3GPfxGSWMmrRzEM=' }
diff --git a/spec/services/proofing/aamva/proofer_spec.rb b/spec/services/proofing/aamva/proofer_spec.rb
index 1906b7e22e8..072d257eb2b 100644
--- a/spec/services/proofing/aamva/proofer_spec.rb
+++ b/spec/services/proofing/aamva/proofer_spec.rb
@@ -1,7 +1,7 @@
 require 'rails_helper'
 require 'ostruct'
 
-describe Proofing::Aamva::Proofer do
+RSpec.describe Proofing::Aamva::Proofer do
   let(:aamva_applicant) do
     Aamva::Applicant.from_proofer_applicant(OpenStruct.new(state_id_data))
   end
diff --git a/spec/services/proofing/aamva/request/authentication_token_request_spec.rb b/spec/services/proofing/aamva/request/authentication_token_request_spec.rb
index 0cd51b4d9fd..930444f2af6 100644
--- a/spec/services/proofing/aamva/request/authentication_token_request_spec.rb
+++ b/spec/services/proofing/aamva/request/authentication_token_request_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Proofing::Aamva::Request::AuthenticationTokenRequest do
+RSpec.describe Proofing::Aamva::Request::AuthenticationTokenRequest do
   let(:security_context_token_identifier) { 'sct-token-identifier' }
   let(:security_context_token_reference) { 'sct-token-reference' }
   let(:client_hmac_secret) { 'MDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDA=' }
diff --git a/spec/services/proofing/aamva/request/security_token_request_spec.rb b/spec/services/proofing/aamva/request/security_token_request_spec.rb
index d2fd8923951..75a8702d72c 100644
--- a/spec/services/proofing/aamva/request/security_token_request_spec.rb
+++ b/spec/services/proofing/aamva/request/security_token_request_spec.rb
@@ -2,7 +2,7 @@
 require 'rexml/document'
 require 'rexml/xpath'
 
-describe Proofing::Aamva::Request::SecurityTokenRequest do
+RSpec.describe Proofing::Aamva::Request::SecurityTokenRequest do
   let(:config) { AamvaFixtures.example_config }
 
   before do
diff --git a/spec/services/proofing/aamva/request/verification_request_spec.rb b/spec/services/proofing/aamva/request/verification_request_spec.rb
index de27dd4aec7..8b9b621391f 100644
--- a/spec/services/proofing/aamva/request/verification_request_spec.rb
+++ b/spec/services/proofing/aamva/request/verification_request_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Proofing::Aamva::Request::VerificationRequest do
+RSpec.describe Proofing::Aamva::Request::VerificationRequest do
   let(:state_id_jurisdiction) { 'CA' }
   let(:state_id_number) { '123456789' }
   let(:applicant) do
diff --git a/spec/services/proofing/aamva/response/authentication_token_response_spec.rb b/spec/services/proofing/aamva/response/authentication_token_response_spec.rb
index 23ad2d37b5f..be2757ea5dc 100644
--- a/spec/services/proofing/aamva/response/authentication_token_response_spec.rb
+++ b/spec/services/proofing/aamva/response/authentication_token_response_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Proofing::Aamva::Response::AuthenticationTokenResponse do
+RSpec.describe Proofing::Aamva::Response::AuthenticationTokenResponse do
   let(:status_code) { 200 }
   let(:response_body) { AamvaFixtures.authentication_token_response }
   let(:http_response) do
diff --git a/spec/services/proofing/aamva/response/security_token_response_spec.rb b/spec/services/proofing/aamva/response/security_token_response_spec.rb
index beb19be3d62..ea96b8d66fe 100644
--- a/spec/services/proofing/aamva/response/security_token_response_spec.rb
+++ b/spec/services/proofing/aamva/response/security_token_response_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Proofing::Aamva::Response::SecurityTokenResponse do
+RSpec.describe Proofing::Aamva::Response::SecurityTokenResponse do
   let(:security_context_token_identifier) { 'sct-token-identifier' }
   let(:security_context_token_reference) { 'sct-token-reference' }
   let(:nonce) { 'MTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTE=' }
diff --git a/spec/services/proofing/aamva/response/verification_response_spec.rb b/spec/services/proofing/aamva/response/verification_response_spec.rb
index 39ff9c207ba..47d57cba506 100644
--- a/spec/services/proofing/aamva/response/verification_response_spec.rb
+++ b/spec/services/proofing/aamva/response/verification_response_spec.rb
@@ -2,7 +2,7 @@
 require 'rexml/document'
 require 'rexml/xpath'
 
-describe Proofing::Aamva::Response::VerificationResponse do
+RSpec.describe Proofing::Aamva::Response::VerificationResponse do
   let(:status_code) { 200 }
   let(:response_body) { AamvaFixtures.verification_response }
   let(:http_response) do
diff --git a/spec/services/proofing/aamva/soap_error_handler_spec.rb b/spec/services/proofing/aamva/soap_error_handler_spec.rb
index 3a795ae5d70..aa95e303c05 100644
--- a/spec/services/proofing/aamva/soap_error_handler_spec.rb
+++ b/spec/services/proofing/aamva/soap_error_handler_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Proofing::Aamva::SoapErrorHandler do
+RSpec.describe Proofing::Aamva::SoapErrorHandler do
   let(:response_body) { AamvaFixtures.soap_fault_response }
 
   subject do
diff --git a/spec/services/proofing/aamva/verification_client_spec.rb b/spec/services/proofing/aamva/verification_client_spec.rb
index b748176944b..34764f484f3 100644
--- a/spec/services/proofing/aamva/verification_client_spec.rb
+++ b/spec/services/proofing/aamva/verification_client_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Proofing::Aamva::VerificationClient do
+RSpec.describe Proofing::Aamva::VerificationClient do
   let(:applicant) do
     applicant = Proofing::Aamva::Applicant.from_proofer_applicant(
       uuid: '1234-4567-abcd-efgh',
diff --git a/spec/services/proofing/ddp_result_spec.rb b/spec/services/proofing/ddp_result_spec.rb
index ee070476edd..ca358fde2db 100644
--- a/spec/services/proofing/ddp_result_spec.rb
+++ b/spec/services/proofing/ddp_result_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Proofing::DdpResult do
+RSpec.describe Proofing::DdpResult do
   describe '#add_error' do
     shared_examples 'add_error' do |key|
       it 'returns itself' do
diff --git a/spec/services/proofing/lexis_nexis/date_formatter_spec.rb b/spec/services/proofing/lexis_nexis/date_formatter_spec.rb
index 94f7a953d05..7bf0bf44c4e 100644
--- a/spec/services/proofing/lexis_nexis/date_formatter_spec.rb
+++ b/spec/services/proofing/lexis_nexis/date_formatter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Proofing::LexisNexis::DateFormatter do
+RSpec.describe Proofing::LexisNexis::DateFormatter do
   subject(:date_formatter) { described_class.new(date_string) }
 
   describe '#date' do
diff --git a/spec/services/proofing/lexis_nexis/ddp/proofing_spec.rb b/spec/services/proofing/lexis_nexis/ddp/proofing_spec.rb
index 33888b5df53..df0ca8d7955 100644
--- a/spec/services/proofing/lexis_nexis/ddp/proofing_spec.rb
+++ b/spec/services/proofing/lexis_nexis/ddp/proofing_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Proofing::LexisNexis::Ddp::Proofer do
+RSpec.describe Proofing::LexisNexis::Ddp::Proofer do
   let(:applicant) do
     {
       first_name: 'Testy',
diff --git a/spec/services/proofing/lexis_nexis/ddp/response_redacter_spec.rb b/spec/services/proofing/lexis_nexis/ddp/response_redacter_spec.rb
index 5f0576a9d7a..2b2c8c13db4 100644
--- a/spec/services/proofing/lexis_nexis/ddp/response_redacter_spec.rb
+++ b/spec/services/proofing/lexis_nexis/ddp/response_redacter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Proofing::LexisNexis::Ddp::ResponseRedacter do
+RSpec.describe Proofing::LexisNexis::Ddp::ResponseRedacter do
   let(:json) do
     Proofing::LexisNexis::Ddp::ResponseRedacter.
       redact(sample_hash)
diff --git a/spec/services/proofing/lexis_nexis/ddp/verification_request_spec.rb b/spec/services/proofing/lexis_nexis/ddp/verification_request_spec.rb
index f080724318f..8541278f1a4 100644
--- a/spec/services/proofing/lexis_nexis/ddp/verification_request_spec.rb
+++ b/spec/services/proofing/lexis_nexis/ddp/verification_request_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Proofing::LexisNexis::Ddp::VerificationRequest do
+RSpec.describe Proofing::LexisNexis::Ddp::VerificationRequest do
   let(:dob) { '1980-01-01' }
   let(:applicant) do
     {
diff --git a/spec/services/proofing/lexis_nexis/instant_verify/proofing_spec.rb b/spec/services/proofing/lexis_nexis/instant_verify/proofing_spec.rb
index a8b15a9846f..7421f761b06 100644
--- a/spec/services/proofing/lexis_nexis/instant_verify/proofing_spec.rb
+++ b/spec/services/proofing/lexis_nexis/instant_verify/proofing_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Proofing::LexisNexis::InstantVerify::Proofer do
+RSpec.describe Proofing::LexisNexis::InstantVerify::Proofer do
   let(:applicant) do
     {
       uuid_prefix: '0987',
diff --git a/spec/services/proofing/lexis_nexis/instant_verify/verification_request_spec.rb b/spec/services/proofing/lexis_nexis/instant_verify/verification_request_spec.rb
index b55f01406ec..14fc56ee3d5 100644
--- a/spec/services/proofing/lexis_nexis/instant_verify/verification_request_spec.rb
+++ b/spec/services/proofing/lexis_nexis/instant_verify/verification_request_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Proofing::LexisNexis::InstantVerify::VerificationRequest do
+RSpec.describe Proofing::LexisNexis::InstantVerify::VerificationRequest do
   let(:dob) { '01/01/1980' }
   let(:applicant) do
     {
diff --git a/spec/services/proofing/lexis_nexis/phone_finder/proofing_spec.rb b/spec/services/proofing/lexis_nexis/phone_finder/proofing_spec.rb
index 9d63ae70d4e..43b9225d5b5 100644
--- a/spec/services/proofing/lexis_nexis/phone_finder/proofing_spec.rb
+++ b/spec/services/proofing/lexis_nexis/phone_finder/proofing_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Proofing::LexisNexis::PhoneFinder::Proofer do
+RSpec.describe Proofing::LexisNexis::PhoneFinder::Proofer do
   let(:applicant) do
     {
       uuid_prefix: '0987',
diff --git a/spec/services/proofing/lexis_nexis/phone_finder/verification_request_spec.rb b/spec/services/proofing/lexis_nexis/phone_finder/verification_request_spec.rb
index 935c5bad79f..c8d32982bfe 100644
--- a/spec/services/proofing/lexis_nexis/phone_finder/verification_request_spec.rb
+++ b/spec/services/proofing/lexis_nexis/phone_finder/verification_request_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Proofing::LexisNexis::PhoneFinder::VerificationRequest do
+RSpec.describe Proofing::LexisNexis::PhoneFinder::VerificationRequest do
   let(:applicant) do
     {
       uuid_prefix: '0987',
diff --git a/spec/services/proofing/lexis_nexis/request_signer_spec.rb b/spec/services/proofing/lexis_nexis/request_signer_spec.rb
index d3bdefc5f72..c0dc555654d 100644
--- a/spec/services/proofing/lexis_nexis/request_signer_spec.rb
+++ b/spec/services/proofing/lexis_nexis/request_signer_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Proofing::LexisNexis::RequestSigner do
+RSpec.describe Proofing::LexisNexis::RequestSigner do
   let(:message_body) { 'APPLICANT_DATA' }
   let(:path) { '/request/path' }
   let(:timestamp) { Time.zone.now.strftime('%s%L') }
diff --git a/spec/services/proofing/lexis_nexis/response_spec.rb b/spec/services/proofing/lexis_nexis/response_spec.rb
index 6c42eeba0fc..b43fc847950 100644
--- a/spec/services/proofing/lexis_nexis/response_spec.rb
+++ b/spec/services/proofing/lexis_nexis/response_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe Proofing::LexisNexis::Response do
+RSpec.describe Proofing::LexisNexis::Response do
   let(:response_status_code) { 200 }
   let(:response_body) { LexisNexisFixtures.instant_verify_success_response_json }
   let(:response) do
diff --git a/spec/services/pwned_passwords/lookup_password_spec.rb b/spec/services/pwned_passwords/lookup_password_spec.rb
index 6593dbef485..daed304adc7 100644
--- a/spec/services/pwned_passwords/lookup_password_spec.rb
+++ b/spec/services/pwned_passwords/lookup_password_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe PwnedPasswords::LookupPassword do
+RSpec.describe PwnedPasswords::LookupPassword do
   describe '#call' do
     let(:pwned_passwords) do
       %w[
diff --git a/spec/services/random_phrase_spec.rb b/spec/services/random_phrase_spec.rb
index 7cc5a516190..d9b3aab9c22 100644
--- a/spec/services/random_phrase_spec.rb
+++ b/spec/services/random_phrase_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe RandomPhrase do
+RSpec.describe RandomPhrase do
   describe '#initialize' do
     it 'checks for profanity and regenerates a random number when it finds' do
       profane = Base32::Crockford.decode('FART')
diff --git a/spec/services/reactivate_account_session_spec.rb b/spec/services/reactivate_account_session_spec.rb
index 534711233d6..7dd415e7b3c 100644
--- a/spec/services/reactivate_account_session_spec.rb
+++ b/spec/services/reactivate_account_session_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe ReactivateAccountSession do
+RSpec.describe ReactivateAccountSession do
   let(:user) { build(:user) }
   let(:user_session) { {} }
 
diff --git a/spec/services/recaptcha_enterprise_validator_spec.rb b/spec/services/recaptcha_enterprise_validator_spec.rb
index d572d4fc77f..1556ea0f602 100644
--- a/spec/services/recaptcha_enterprise_validator_spec.rb
+++ b/spec/services/recaptcha_enterprise_validator_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe RecaptchaEnterpriseValidator do
+RSpec.describe RecaptchaEnterpriseValidator do
   let(:score_threshold) { 0.2 }
   let(:analytics) { FakeAnalytics.new }
   let(:extra_analytics_properties) { {} }
diff --git a/spec/services/recaptcha_mock_validator_spec.rb b/spec/services/recaptcha_mock_validator_spec.rb
index b96a6b88d16..862fe492b45 100644
--- a/spec/services/recaptcha_mock_validator_spec.rb
+++ b/spec/services/recaptcha_mock_validator_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe RecaptchaMockValidator do
+RSpec.describe RecaptchaMockValidator do
   let(:score_threshold) { 0.2 }
   let(:analytics) { FakeAnalytics.new }
   let(:score) { nil }
diff --git a/spec/services/recaptcha_validator_spec.rb b/spec/services/recaptcha_validator_spec.rb
index 90c362366a6..d6588cb2c63 100644
--- a/spec/services/recaptcha_validator_spec.rb
+++ b/spec/services/recaptcha_validator_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe RecaptchaValidator do
+RSpec.describe RecaptchaValidator do
   let(:score_threshold) { 0.2 }
   let(:analytics) { FakeAnalytics.new }
   let(:extra_analytics_properties) { {} }
diff --git a/spec/services/remember_device_cookie_spec.rb b/spec/services/remember_device_cookie_spec.rb
index 14a851e042f..7670eb86153 100644
--- a/spec/services/remember_device_cookie_spec.rb
+++ b/spec/services/remember_device_cookie_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe RememberDeviceCookie do
+RSpec.describe RememberDeviceCookie do
   let(:remember_device_revoked_at) { nil }
   let(:user) { create(:user, :with_phone, remember_device_revoked_at: remember_device_revoked_at) }
   let(:created_at) { Time.zone.now }
diff --git a/spec/services/saml_endpoint_spec.rb b/spec/services/saml_endpoint_spec.rb
index bb158fb987c..ddbd7cb9a9b 100644
--- a/spec/services/saml_endpoint_spec.rb
+++ b/spec/services/saml_endpoint_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe SamlEndpoint do
+RSpec.describe SamlEndpoint do
   let(:year) { '2023' }
 
   subject { described_class.new(year) }
diff --git a/spec/services/saml_request_validator_spec.rb b/spec/services/saml_request_validator_spec.rb
index d7ac58abde3..7fadb420fdb 100644
--- a/spec/services/saml_request_validator_spec.rb
+++ b/spec/services/saml_request_validator_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe SamlRequestValidator do
+RSpec.describe SamlRequestValidator do
   describe '#call' do
     context 'valid authn context and sp and authorized nameID format' do
       it 'returns FormResponse with success: true' do
diff --git a/spec/services/send_sign_up_email_confirmation_spec.rb b/spec/services/send_sign_up_email_confirmation_spec.rb
index cecfecea9f5..6312885d45a 100644
--- a/spec/services/send_sign_up_email_confirmation_spec.rb
+++ b/spec/services/send_sign_up_email_confirmation_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe SendSignUpEmailConfirmation do
+RSpec.describe SendSignUpEmailConfirmation do
   describe '#call' do
     let(:user) { create(:user, confirmed_at: nil) }
     let(:email_address) { user.email_addresses.take }
diff --git a/spec/services/service_provider_request_proxy_spec.rb b/spec/services/service_provider_request_proxy_spec.rb
index 33b0db5b690..c4de88973d7 100644
--- a/spec/services/service_provider_request_proxy_spec.rb
+++ b/spec/services/service_provider_request_proxy_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe ServiceProviderRequestProxy do
+RSpec.describe ServiceProviderRequestProxy do
   before do
     ServiceProviderRequestProxy.flush
   end
diff --git a/spec/services/service_provider_seeder_spec.rb b/spec/services/service_provider_seeder_spec.rb
index ab1e7852f16..3151b056fd9 100644
--- a/spec/services/service_provider_seeder_spec.rb
+++ b/spec/services/service_provider_seeder_spec.rb
@@ -83,6 +83,10 @@
       let(:prod_issuer) { 'urn:gov:login:test-providers:fake-prod-sp' }
       let(:unrestricted_issuer) { 'urn:gov:login:test-providers:fake-unrestricted-sp' }
 
+      before do
+        allow(IdentityConfig.store).to receive(:team_ursula_email).and_return('team@example.com')
+      end
+
       context 'when %{env} is present in the config file' do
         let(:deploy_env) { 'dev' }
 
@@ -106,12 +110,10 @@
           expect(ServiceProvider.find_by(issuer: unrestricted_issuer)).not_to be_present
         end
 
-        it 'sends New Relic an error if the DB has an SP not in the config' do
-          allow(NewRelic::Agent).to receive(:notice_error)
+        it 'sends an email an error if the DB has an SP not in the config' do
           create(:service_provider, issuer: 'missing_issuer')
-          run
 
-          expect(NewRelic::Agent).to have_received(:notice_error)
+          expect { run }.to change { ActionMailer::Base.deliveries.count }.by(1)
         end
       end
 
@@ -128,11 +130,9 @@
         end
 
         it 'sends New Relic an error if the DB has an SP not in the config' do
-          allow(NewRelic::Agent).to receive(:notice_error)
           create(:service_provider, issuer: 'missing_issuer')
-          run
 
-          expect(NewRelic::Agent).to have_received(:notice_error)
+          expect { run }.to change { ActionMailer::Base.deliveries.count }.by(1)
         end
       end
 
diff --git a/spec/services/service_provider_updater_spec.rb b/spec/services/service_provider_updater_spec.rb
index a95a3585d1d..b812c8f80c9 100644
--- a/spec/services/service_provider_updater_spec.rb
+++ b/spec/services/service_provider_updater_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe ServiceProviderUpdater do
+RSpec.describe ServiceProviderUpdater do
   include SamlAuthHelper
 
   let(:fake_dashboard_url) { 'http://dashboard.example.org' }
diff --git a/spec/services/session_encryptor_spec.rb b/spec/services/session_encryptor_spec.rb
index fe1c11402bf..4edbd4c2082 100644
--- a/spec/services/session_encryptor_spec.rb
+++ b/spec/services/session_encryptor_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe SessionEncryptor do
+RSpec.describe SessionEncryptor do
   describe '#load' do
     it 'decrypts encrypted session' do
       session = SessionEncryptor.new.dump(foo: 'bar')
diff --git a/spec/services/ssn_formatter_spec.rb b/spec/services/ssn_formatter_spec.rb
index 1a0b37b4871..d1b1c706232 100644
--- a/spec/services/ssn_formatter_spec.rb
+++ b/spec/services/ssn_formatter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe SsnFormatter do
+RSpec.describe SsnFormatter do
   describe '.format' do
     let(:ssn) { '' }
     subject { SsnFormatter.format(ssn) }
diff --git a/spec/services/store_sp_metadata_in_session_spec.rb b/spec/services/store_sp_metadata_in_session_spec.rb
index 94a35ca8ccf..773b7e2a881 100644
--- a/spec/services/store_sp_metadata_in_session_spec.rb
+++ b/spec/services/store_sp_metadata_in_session_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe StoreSpMetadataInSession do
+RSpec.describe StoreSpMetadataInSession do
   describe '#call' do
     context 'when a ServiceProviderRequestProxy is not found' do
       it 'does not set the session[:sp] hash' do
diff --git a/spec/services/string_redacter_spec.rb b/spec/services/string_redacter_spec.rb
index 14574db27f9..5c90b2ab1f8 100644
--- a/spec/services/string_redacter_spec.rb
+++ b/spec/services/string_redacter_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'StringRedacter' do
+RSpec.describe 'StringRedacter' do
   describe '#redact_alphanumeric' do
     it 'leaves in punctuation and spaces, but removes letters and numbers' do
       expect(StringRedacter.redact_alphanumeric('+11 (555) DEF-1234')).
diff --git a/spec/services/update_user_spec.rb b/spec/services/update_user_spec.rb
index 7c15f91ed52..c53a78656a3 100644
--- a/spec/services/update_user_spec.rb
+++ b/spec/services/update_user_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe UpdateUser do
+RSpec.describe UpdateUser do
   describe '#call' do
     it 'updates the user with the passed in attributes' do
       user = build(:user, otp_delivery_preference: 'sms')
diff --git a/spec/services/user_alerts/alert_user_about_account_verified_spec.rb b/spec/services/user_alerts/alert_user_about_account_verified_spec.rb
index 6126f1bf727..44445fd6b4e 100644
--- a/spec/services/user_alerts/alert_user_about_account_verified_spec.rb
+++ b/spec/services/user_alerts/alert_user_about_account_verified_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe UserAlerts::AlertUserAboutAccountVerified do
+RSpec.describe UserAlerts::AlertUserAboutAccountVerified do
   describe '#call' do
     let(:user) { create(:user, :fully_registered) }
     let(:device) { create(:device, user: user) }
diff --git a/spec/services/user_alerts/alert_user_about_new_device_spec.rb b/spec/services/user_alerts/alert_user_about_new_device_spec.rb
index 783a5f36012..8cdefe7c1f7 100644
--- a/spec/services/user_alerts/alert_user_about_new_device_spec.rb
+++ b/spec/services/user_alerts/alert_user_about_new_device_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe UserAlerts::AlertUserAboutNewDevice do
+RSpec.describe UserAlerts::AlertUserAboutNewDevice do
   describe '#call' do
     let(:user) { create(:user, :fully_registered) }
     let(:disavowal_token) { 'the_disavowal_token' }
diff --git a/spec/services/user_alerts/alert_user_about_password_change_spec.rb b/spec/services/user_alerts/alert_user_about_password_change_spec.rb
index 8a32a1a5d79..21b9cdb6b7f 100644
--- a/spec/services/user_alerts/alert_user_about_password_change_spec.rb
+++ b/spec/services/user_alerts/alert_user_about_password_change_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe UserAlerts::AlertUserAboutPasswordChange do
+RSpec.describe UserAlerts::AlertUserAboutPasswordChange do
   describe '#call' do
     it 'sends an email to all of the users confirmed email addresses' do
       user = create(:user)
diff --git a/spec/services/user_alerts/alert_user_about_personal_key_sign_in_spec.rb b/spec/services/user_alerts/alert_user_about_personal_key_sign_in_spec.rb
index 6695fd372ef..ebd57cbdbd7 100644
--- a/spec/services/user_alerts/alert_user_about_personal_key_sign_in_spec.rb
+++ b/spec/services/user_alerts/alert_user_about_personal_key_sign_in_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe UserAlerts::AlertUserAboutPersonalKeySignIn do
+RSpec.describe UserAlerts::AlertUserAboutPersonalKeySignIn do
   describe '#call' do
     it 'sends sms and emails to confirmed addresses' do
       user = create(:user)
diff --git a/spec/services/user_event_creator_spec.rb b/spec/services/user_event_creator_spec.rb
index e984c101485..91b3d7758c2 100644
--- a/spec/services/user_event_creator_spec.rb
+++ b/spec/services/user_event_creator_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe UserEventCreator do
+RSpec.describe UserEventCreator do
   let(:user_agent) { 'A computer on the internet' }
   let(:ip_address) { '4.4.4.4' }
   let(:existing_device_cookie) { 'existing_device_cookie' }
diff --git a/spec/services/user_session_context_spec.rb b/spec/services/user_session_context_spec.rb
index a60e63a7dff..fe013932f9e 100644
--- a/spec/services/user_session_context_spec.rb
+++ b/spec/services/user_session_context_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe UserSessionContext do
+RSpec.describe UserSessionContext do
   let(:confirmation) { { context: 'confirmation' } }
 
   describe '.authentication_context?' do
diff --git a/spec/services/x509/attribute_spec.rb b/spec/services/x509/attribute_spec.rb
index 6dac3e9611f..dfb22bc91ff 100644
--- a/spec/services/x509/attribute_spec.rb
+++ b/spec/services/x509/attribute_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe X509::Attribute do
+RSpec.describe X509::Attribute do
   let(:x509_subject) { 'O=US, OU=DoD, CN=John.Doe.1234' }
 
   subject { described_class.new(raw: x509_subject) }
diff --git a/spec/services/x509/attributes_spec.rb b/spec/services/x509/attributes_spec.rb
index fbb5291af48..3d619c1e63f 100644
--- a/spec/services/x509/attributes_spec.rb
+++ b/spec/services/x509/attributes_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe X509::Attributes do
+RSpec.describe X509::Attributes do
   let(:user_access_key) { UserAccessKey.new(password: 'sekrit', salt: SecureRandom.uuid) }
 
   describe '#new_from_hash' do
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
index 0892f9f414e..1fc0c11f9bf 100644
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -13,6 +13,7 @@
 
 RSpec.configure do |config|
   # see more settings at spec/rails_helper.rb
+  config.disable_monkey_patching!
   config.raise_errors_for_deprecations!
   config.order = :random
   config.color = true
diff --git a/spec/support/features/doc_auth_helper.rb b/spec/support/features/doc_auth_helper.rb
index 5c1c4cad2df..63fedf16aea 100644
--- a/spec/support/features/doc_auth_helper.rb
+++ b/spec/support/features/doc_auth_helper.rb
@@ -87,25 +87,24 @@ def complete_agreement_step
     click_on t('doc_auth.buttons.continue')
   end
 
-  def complete_doc_auth_steps_before_upload_step(expect_accessible: false)
+  def complete_doc_auth_steps_before_hybrid_handoff_step(expect_accessible: false)
     complete_doc_auth_steps_before_agreement_step(expect_accessible: expect_accessible)
     complete_agreement_step
     expect(page).to be_axe_clean.according_to :section508, :"best-practice" if expect_accessible
   end
 
-  def complete_upload_step
-    # If there is a phone outage, the upload step is
-    # skipped and the user is taken straight to
-    # document capture.
+  def complete_hybrid_handoff_step
+    # If there is a phone outage, the hybrid_handoff step is
+    # skipped and the user is taken straight to document capture.
     return if OutageStatus.new.any_phone_vendor_outage?
     click_on t('forms.buttons.upload_photos')
   end
 
   def complete_doc_auth_steps_before_document_capture_step(expect_accessible: false)
-    complete_doc_auth_steps_before_upload_step(expect_accessible: expect_accessible)
+    complete_doc_auth_steps_before_hybrid_handoff_step(expect_accessible: expect_accessible)
     # JavaScript-enabled mobile devices will skip directly to document capture, so stop as complete.
     return if page.current_path == idv_document_capture_path
-    complete_upload_step
+    complete_hybrid_handoff_step
     expect(page).to be_axe_clean.according_to :section508, :"best-practice" if expect_accessible
   end
 
@@ -163,7 +162,7 @@ def complete_doc_auth_steps_before_address_step(expect_accessible: false)
   end
 
   def complete_doc_auth_steps_before_link_sent_step
-    complete_doc_auth_steps_before_upload_step
+    complete_doc_auth_steps_before_hybrid_handoff_step
     click_send_link
   end
 
diff --git a/spec/support/features/session_helper.rb b/spec/support/features/session_helper.rb
index 501e37c7a6c..e9df38b4ce6 100644
--- a/spec/support/features/session_helper.rb
+++ b/spec/support/features/session_helper.rb
@@ -391,12 +391,12 @@ def sign_up_user_from_sp_without_confirming_email(email)
 
       click_sign_in_from_landing_page_then_click_create_account
 
-      expect(current_url).to eq sign_up_email_url(source: :sign_in)
+      expect(current_url).to eq sign_up_email_url
       expect_branded_experience
 
       visit_landing_page_and_click_create_account_with_request_id(sp_request_id)
 
-      expect(current_url).to eq sign_up_email_url(source: :sign_in)
+      expect(current_url).to eq sign_up_email_url
       expect_branded_experience
 
       submit_form_with_invalid_email
diff --git a/spec/support/idv_examples/clearing_and_restarting.rb b/spec/support/idv_examples/clearing_and_restarting.rb
index f67a2605fbc..f63c5afe6e8 100644
--- a/spec/support/idv_examples/clearing_and_restarting.rb
+++ b/spec/support/idv_examples/clearing_and_restarting.rb
@@ -1,4 +1,4 @@
-shared_examples 'clearing and restarting idv' do
+RSpec.shared_examples 'clearing and restarting idv' do
   it 'allows the user to retry verification with phone', js: true do
     click_on t('idv.messages.clear_and_start_over')
     click_idv_continue
diff --git a/spec/support/idv_examples/failed_idv_phone_job.rb b/spec/support/idv_examples/failed_idv_phone_job.rb
index 71b911bc8ef..9ae88ce8241 100644
--- a/spec/support/idv_examples/failed_idv_phone_job.rb
+++ b/spec/support/idv_examples/failed_idv_phone_job.rb
@@ -1,4 +1,4 @@
-shared_examples 'failed idv phone job' do
+RSpec.shared_examples 'failed idv phone job' do
   let(:locale) { LinkLocaleResolver.locale }
 
   before do
diff --git a/spec/support/idv_examples/gpo_otp_verification.rb b/spec/support/idv_examples/gpo_otp_verification.rb
index b3adc5da569..176aadadff2 100644
--- a/spec/support/idv_examples/gpo_otp_verification.rb
+++ b/spec/support/idv_examples/gpo_otp_verification.rb
@@ -1,4 +1,4 @@
-shared_examples 'gpo otp verification' do
+RSpec.shared_examples 'gpo otp verification' do
   include IdvStepHelper
 
   it 'prompts for one-time code at sign in' do
diff --git a/spec/support/idv_examples/max_attempts.rb b/spec/support/idv_examples/max_attempts.rb
index 96e4ea6097f..0472a7a40ac 100644
--- a/spec/support/idv_examples/max_attempts.rb
+++ b/spec/support/idv_examples/max_attempts.rb
@@ -1,4 +1,4 @@
-shared_examples 'verification step max attempts' do |step, sp|
+RSpec.shared_examples 'verification step max attempts' do |step, sp|
   include ActionView::Helpers::DateHelper
 
   let(:user) { user_with_2fa }
diff --git a/spec/support/idv_examples/sp_handoff.rb b/spec/support/idv_examples/sp_handoff.rb
index 5355964a46e..2b15083cf8d 100644
--- a/spec/support/idv_examples/sp_handoff.rb
+++ b/spec/support/idv_examples/sp_handoff.rb
@@ -1,4 +1,4 @@
-shared_examples 'sp handoff after identity verification' do |sp|
+RSpec.shared_examples 'sp handoff after identity verification' do |sp|
   include SamlAuthHelper
   include IdvHelper
   include JavascriptDriverHelper
diff --git a/spec/support/idv_examples/sp_requested_attributes.rb b/spec/support/idv_examples/sp_requested_attributes.rb
index fced9ba953a..4b6ecc9728d 100644
--- a/spec/support/idv_examples/sp_requested_attributes.rb
+++ b/spec/support/idv_examples/sp_requested_attributes.rb
@@ -1,4 +1,4 @@
-shared_examples 'sp requesting attributes' do |sp|
+RSpec.shared_examples 'sp requesting attributes' do |sp|
   include SamlAuthHelper
   include IdvStepHelper
 
diff --git a/spec/support/shared_examples/account_creation.rb b/spec/support/shared_examples/account_creation.rb
index b1eadb39f88..833c1d57981 100644
--- a/spec/support/shared_examples/account_creation.rb
+++ b/spec/support/shared_examples/account_creation.rb
@@ -1,4 +1,4 @@
-shared_examples 'creating an account with the site in Spanish' do |sp|
+RSpec.shared_examples 'creating an account with the site in Spanish' do |sp|
   it 'redirects to the SP', email: true do
     Capybara.current_session.driver.header('Accept-Language', 'es')
     visit_idp_from_sp_with_ial1(sp)
@@ -20,7 +20,7 @@
   end
 end
 
-shared_examples 'creating an account using authenticator app for 2FA' do |sp|
+RSpec.shared_examples 'creating an account using authenticator app for 2FA' do |sp|
   it 'redirects to the SP', email: true do
     visit_idp_from_sp_with_ial1(sp)
     register_user_with_authenticator_app
@@ -41,7 +41,7 @@
   end
 end
 
-shared_examples 'creating an IAL2 account using authenticator app for 2FA' do |sp|
+RSpec.shared_examples 'creating an IAL2 account using authenticator app for 2FA' do |sp|
   it 'does not prompt for recovery code before IdV flow', email: true, idv_job: true, js: true do
     visit_idp_from_sp_with_ial2(sp)
     register_user_with_authenticator_app
@@ -66,7 +66,7 @@
   end
 end
 
-shared_examples 'creating an account using PIV/CAC for 2FA' do |sp|
+RSpec.shared_examples 'creating an account using PIV/CAC for 2FA' do |sp|
   it 'redirects to the SP', email: true do
     visit_idp_from_sp_with_ial1(sp)
     register_user_with_piv_cac
@@ -87,7 +87,7 @@
   end
 end
 
-shared_examples 'creating an IAL2 account using webauthn for 2FA' do |sp|
+RSpec.shared_examples 'creating an IAL2 account using webauthn for 2FA' do |sp|
   it 'does not prompt for recovery code before IdV flow', email: true, js: true do
     mock_webauthn_setup_challenge
     visit_idp_from_sp_with_ial2(sp)
@@ -117,7 +117,7 @@
   end
 end
 
-shared_examples 'creating two accounts during the same session' do |sp|
+RSpec.shared_examples 'creating two accounts during the same session' do |sp|
   it 'allows the second account creation process to complete fully', email: true do
     first_email = 'test1@test.com'
     second_email = 'test2@test.com'
diff --git a/spec/support/shared_examples/lexis_nexis.rb b/spec/support/shared_examples/lexis_nexis.rb
index 7172385fce9..ae54d21dca9 100644
--- a/spec/support/shared_examples/lexis_nexis.rb
+++ b/spec/support/shared_examples/lexis_nexis.rb
@@ -1,4 +1,4 @@
-shared_examples 'a lexisnexis rdp proofer' do
+RSpec.shared_examples 'a lexisnexis rdp proofer' do
   let(:verification_status) { 'passed' }
   let(:conversation_id) { 'foo' }
   let(:reference) { SecureRandom.uuid }
@@ -53,7 +53,7 @@
   end
 end
 
-shared_examples 'a lexisnexis request' do |basic_auth: true|
+RSpec.shared_examples 'a lexisnexis request' do |basic_auth: true|
   describe '#http_headers' do
     it 'contains the content type' do
       expect(subject.headers).to include('Content-Type' => 'application/json')
diff --git a/spec/support/shared_examples/password_strength.rb b/spec/support/shared_examples/password_strength.rb
index b9505b62e4c..c90fbb9d0d1 100644
--- a/spec/support/shared_examples/password_strength.rb
+++ b/spec/support/shared_examples/password_strength.rb
@@ -1,4 +1,4 @@
-shared_examples 'strong password' do |form_class|
+RSpec.shared_examples 'strong password' do |form_class|
   it 'does not allow a password that is common and/or needs more words' do
     user = build_stubbed(:user, email: 'test@test.com', uuid: '123')
     allow(user).to receive(:reset_password_period_valid?).and_return(true)
diff --git a/spec/support/shared_examples/phone/otp_confirmation.rb b/spec/support/shared_examples/phone/otp_confirmation.rb
index 680a4a0134c..93966f42bd4 100644
--- a/spec/support/shared_examples/phone/otp_confirmation.rb
+++ b/spec/support/shared_examples/phone/otp_confirmation.rb
@@ -1,4 +1,4 @@
-shared_examples 'phone otp confirmation' do |delivery_method|
+RSpec.shared_examples 'phone otp confirmation' do |delivery_method|
   it 'allows the user to confirm a phone' do
     visit_otp_confirmation(delivery_method)
     fill_in :code, with: last_otp(delivery_method)
diff --git a/spec/support/shared_examples/phone/rate_limitting.rb b/spec/support/shared_examples/phone/rate_limitting.rb
index 9d07041dbbb..1a8e4099186 100644
--- a/spec/support/shared_examples/phone/rate_limitting.rb
+++ b/spec/support/shared_examples/phone/rate_limitting.rb
@@ -1,4 +1,4 @@
-shared_examples 'phone rate limitting' do |delivery_method|
+RSpec.shared_examples 'phone rate limitting' do |delivery_method|
   let(:max_confirmation_attempts) { 4 }
   let(:max_otp_sends) { 2 }
   let(:min_attempts) { 2 }
diff --git a/spec/support/shared_examples/remember_device.rb b/spec/support/shared_examples/remember_device.rb
index 7d8483accbd..ba8b0d42ca8 100644
--- a/spec/support/shared_examples/remember_device.rb
+++ b/spec/support/shared_examples/remember_device.rb
@@ -1,4 +1,4 @@
-shared_examples 'remember device' do
+RSpec.shared_examples 'remember device' do
   it 'does not require 2FA on sign in' do
     user = remember_device_and_sign_out_user
     sign_in_user(user)
diff --git a/spec/support/shared_examples/sign_in.rb b/spec/support/shared_examples/sign_in.rb
index 91e4d4f3562..9b60775c511 100644
--- a/spec/support/shared_examples/sign_in.rb
+++ b/spec/support/shared_examples/sign_in.rb
@@ -1,4 +1,4 @@
-shared_examples 'signing in with the site in Spanish' do |sp|
+RSpec.shared_examples 'signing in with the site in Spanish' do |sp|
   it 'redirects to the SP' do
     Capybara.current_session.driver.header('Accept-Language', 'es')
 
@@ -29,7 +29,7 @@
   end
 end
 
-shared_examples 'signing in from service provider' do |sp|
+RSpec.shared_examples 'signing in from service provider' do |sp|
   it 'does not display session timeout alert on sign in page' do
     visit_idp_from_sp_with_ial1(sp)
 
@@ -37,19 +37,19 @@
   end
 end
 
-shared_examples 'signing in as IAL1 with personal key' do |sp|
+RSpec.shared_examples 'signing in as IAL1 with personal key' do |sp|
   it 'redirects to the SP after acknowledging new personal key', email: true do
     ial1_sign_in_with_personal_key_goes_to_sp(sp)
   end
 end
 
-shared_examples 'signing in as IAL1 with piv/cac' do |sp|
+RSpec.shared_examples 'signing in as IAL1 with piv/cac' do |sp|
   it 'redirects to the SP after authenticating', email: true do
     ial1_sign_in_with_piv_cac_goes_to_sp(sp)
   end
 end
 
-shared_examples 'visiting 2fa when fully authenticated' do |sp|
+RSpec.shared_examples 'visiting 2fa when fully authenticated' do |sp|
   it 'redirects to SP after visiting a 2fa screen when fully authenticated', email: true do
     ial1_sign_in_with_personal_key_goes_to_sp(sp)
 
@@ -67,7 +67,7 @@
   end
 end
 
-shared_examples 'signing in as IAL2 with personal key' do |sp|
+RSpec.shared_examples 'signing in as IAL2 with personal key' do |sp|
   it 'does not present personal key as an MFA option' do
     user = create(:user, :fully_registered)
     _profile = create(:profile, :active, :verified, :with_pii, user: user)
@@ -81,7 +81,7 @@
   end
 end
 
-shared_examples 'signing in as IAL2 with piv/cac' do |sp|
+RSpec.shared_examples 'signing in as IAL2 with piv/cac' do |sp|
   it 'redirects to the SP after authenticating and getting the password', :email, js: true do
     ial2_sign_in_with_piv_cac_goes_to_sp(sp)
   end
@@ -99,7 +99,7 @@
   end
 end
 
-shared_examples 'signing in as IAL1 with personal key after resetting password' do |sp|
+RSpec.shared_examples 'signing in as IAL1 with personal key after resetting password' do |sp|
   it 'redirects to SP', email: true do
     user = create_ial1_account_go_back_to_sp_and_sign_out(sp)
 
@@ -125,7 +125,7 @@
   end
 end
 
-shared_examples 'signing in as IAL2 with personal key after resetting password' do |sp|
+RSpec.shared_examples 'signing in as IAL2 with personal key after resetting password' do |sp|
   xit 'redirects to SP after reactivating account', :email, js: true do
     user = create_ial2_account_go_back_to_sp_and_sign_out(sp)
     visit_idp_from_sp_with_ial2(sp)
@@ -159,7 +159,7 @@
   end
 end
 
-shared_examples 'signing in with wrong credentials' do |sp|
+RSpec.shared_examples 'signing in with wrong credentials' do |sp|
   # This tests the custom Devise error message defined in lib/custom_devise_failure_app.rb
   context 'when the user does not exist' do
     it 'links to forgot password page with locale and request_id' do
@@ -191,7 +191,7 @@
   end
 end
 
-shared_examples 'signing in as proofed account with broken personal key' do |protocol, sp_ial:|
+RSpec.shared_examples 'signing in as proofed account with broken personal key' do |protocol, sp_ial:| # rubocop:disable Layout/LineLength
   let(:window_start) { 3.days.ago }
   let(:window_end) { 1.day.ago }
 
diff --git a/spec/support/shared_examples/webauthn_setup.rb b/spec/support/shared_examples/webauthn_setup.rb
index 7eadc7152ae..5bc3806af82 100644
--- a/spec/support/shared_examples/webauthn_setup.rb
+++ b/spec/support/shared_examples/webauthn_setup.rb
@@ -1,4 +1,4 @@
-shared_examples 'webauthn setup' do
+RSpec.shared_examples 'webauthn setup' do
   it 'allows a user to setup webauthn' do
     mock_webauthn_setup_challenge
     visit_webauthn_setup
diff --git a/spec/support/shared_examples_for_email_normalization.rb b/spec/support/shared_examples_for_email_normalization.rb
index 4ba97639cfd..19f76f081c7 100644
--- a/spec/support/shared_examples_for_email_normalization.rb
+++ b/spec/support/shared_examples_for_email_normalization.rb
@@ -1,4 +1,4 @@
-shared_examples 'email normalization' do |email|
+RSpec.shared_examples 'email normalization' do |email|
   it 'downcases and strips the email before validation' do
     old_email = email
 
diff --git a/spec/support/shared_examples_for_email_validation.rb b/spec/support/shared_examples_for_email_validation.rb
index 9f287cd4aa9..493f0358234 100644
--- a/spec/support/shared_examples_for_email_validation.rb
+++ b/spec/support/shared_examples_for_email_validation.rb
@@ -1,4 +1,4 @@
-shared_examples 'email validation' do
+RSpec.shared_examples 'email validation' do
   it 'uses the valid_email gem with mx and ban_disposable options' do
     email_validator = subject._validators.values.flatten.
       detect { |v| v.instance_of?(EmailValidator) }
diff --git a/spec/support/shared_examples_for_mailer.rb b/spec/support/shared_examples_for_mailer.rb
index 875c590c90e..5c2aaac7026 100644
--- a/spec/support/shared_examples_for_mailer.rb
+++ b/spec/support/shared_examples_for_mailer.rb
@@ -1,4 +1,4 @@
-shared_examples 'a system email' do
+RSpec.shared_examples 'a system email' do
   it 'is from the default email' do
     expect(mail.from).to eq [IdentityConfig.store.email_from]
     expect(mail[:from].display_names).to eq [IdentityConfig.store.email_from_display_name]
@@ -13,7 +13,7 @@
 end
 
 # expects there to be a let(:user) in scope
-shared_examples 'an email that respects user email locale preference' do
+RSpec.shared_examples 'an email that respects user email locale preference' do
   before do
     user.email_language = 'fr'
     user.save!
diff --git a/spec/support/shared_examples_for_otp_delivery_preference_validation.rb b/spec/support/shared_examples_for_otp_delivery_preference_validation.rb
index 42d041000ce..6f48b0367a2 100644
--- a/spec/support/shared_examples_for_otp_delivery_preference_validation.rb
+++ b/spec/support/shared_examples_for_otp_delivery_preference_validation.rb
@@ -1,4 +1,4 @@
-shared_examples 'an otp delivery preference form' do
+RSpec.shared_examples 'an otp delivery preference form' do
   let(:phone) { '+1 (703) 555-5000' }
   let(:params) do
     {
diff --git a/spec/support/shared_examples_for_otp_forms.rb b/spec/support/shared_examples_for_otp_forms.rb
index 41ae58f3aef..60e1dabb68c 100644
--- a/spec/support/shared_examples_for_otp_forms.rb
+++ b/spec/support/shared_examples_for_otp_forms.rb
@@ -1,4 +1,4 @@
-shared_examples_for 'an otp form' do
+RSpec.shared_examples_for 'an otp form' do
   describe 'tertiary form actions' do
     it 'allows the user to cancel out of the sign in process' do
       render
diff --git a/spec/support/shared_examples_for_password_validation.rb b/spec/support/shared_examples_for_password_validation.rb
index d476b2c583c..a4872571118 100644
--- a/spec/support/shared_examples_for_password_validation.rb
+++ b/spec/support/shared_examples_for_password_validation.rb
@@ -1,4 +1,4 @@
-shared_examples 'password validation' do
+RSpec.shared_examples 'password validation' do
   it do
     is_expected.to validate_presence_of(:password).with_message(t('errors.messages.blank'))
   end
diff --git a/spec/support/shared_examples_for_phone_validation.rb b/spec/support/shared_examples_for_phone_validation.rb
index 0017690339e..599a9a8cd45 100644
--- a/spec/support/shared_examples_for_phone_validation.rb
+++ b/spec/support/shared_examples_for_phone_validation.rb
@@ -1,6 +1,6 @@
 require 'shoulda/matchers'
 
-shared_examples 'a phone form' do
+RSpec.shared_examples 'a phone form' do
   describe 'phone presence validation' do
     it 'is invalid when phone is blank' do
       params[:phone] = ''
diff --git a/spec/views/account_reset/cancel/show.html.erb_spec.rb b/spec/views/account_reset/cancel/show.html.erb_spec.rb
index 7f77e08fcc6..91fe43bbc35 100644
--- a/spec/views/account_reset/cancel/show.html.erb_spec.rb
+++ b/spec/views/account_reset/cancel/show.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'account_reset/cancel/show.html.erb' do
+RSpec.describe 'account_reset/cancel/show.html.erb' do
   it 'has a localized title' do
     expect(view).to receive(:title).with(t('account_reset.cancel_request.title'))
 
diff --git a/spec/views/account_reset/confirm_delete_account/show.html.erb_spec.rb b/spec/views/account_reset/confirm_delete_account/show.html.erb_spec.rb
index a165e4823e2..ebeea5ef4af 100644
--- a/spec/views/account_reset/confirm_delete_account/show.html.erb_spec.rb
+++ b/spec/views/account_reset/confirm_delete_account/show.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'account_reset/confirm_delete_account/show.html.erb' do
+RSpec.describe 'account_reset/confirm_delete_account/show.html.erb' do
   before do
     allow(view).to receive(:email).and_return('foo@bar.com')
   end
diff --git a/spec/views/account_reset/confirm_request/show.html.erb_spec.rb b/spec/views/account_reset/confirm_request/show.html.erb_spec.rb
index 5464eac0844..91786c81f86 100644
--- a/spec/views/account_reset/confirm_request/show.html.erb_spec.rb
+++ b/spec/views/account_reset/confirm_request/show.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'account_reset/confirm_request/show.html.erb' do
+RSpec.describe 'account_reset/confirm_request/show.html.erb' do
   before do
     allow(view).to receive(:email).and_return('foo@bar.com')
     allow(view).to receive(:sms_phone).and_return(true)
diff --git a/spec/views/account_reset/delete_account/show.html.erb_spec.rb b/spec/views/account_reset/delete_account/show.html.erb_spec.rb
index c0036979e2a..364b0a5c472 100644
--- a/spec/views/account_reset/delete_account/show.html.erb_spec.rb
+++ b/spec/views/account_reset/delete_account/show.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'account_reset/delete_account/show.html.erb' do
+RSpec.describe 'account_reset/delete_account/show.html.erb' do
   before do
     allow(view).to receive(:email).and_return('foo@bar.com')
   end
diff --git a/spec/views/account_reset/recovery_options/show.html.erb_spec.rb b/spec/views/account_reset/recovery_options/show.html.erb_spec.rb
index 766ffa9fe95..6b5be6ccc54 100644
--- a/spec/views/account_reset/recovery_options/show.html.erb_spec.rb
+++ b/spec/views/account_reset/recovery_options/show.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'account_reset/recovery_options/show.html.erb' do
+RSpec.describe 'account_reset/recovery_options/show.html.erb' do
   it 'has a localized title' do
     expect(view).to receive(:title).with(t('account_reset.recovery_options.header'))
 
diff --git a/spec/views/account_reset/request/show.html.erb_spec.rb b/spec/views/account_reset/request/show.html.erb_spec.rb
index 43aeac57577..dbc639e3eb6 100644
--- a/spec/views/account_reset/request/show.html.erb_spec.rb
+++ b/spec/views/account_reset/request/show.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'account_reset/request/show.html.erb' do
+RSpec.describe 'account_reset/request/show.html.erb' do
   before do
     user = create(:user, :fully_registered, :with_personal_key)
     allow(view).to receive(:current_user).and_return(user)
diff --git a/spec/views/account_reset/user_mailer/email_confirmation_instructions.html.erb_spec.rb b/spec/views/account_reset/user_mailer/email_confirmation_instructions.html.erb_spec.rb
index 790920278ae..1c086c51be5 100644
--- a/spec/views/account_reset/user_mailer/email_confirmation_instructions.html.erb_spec.rb
+++ b/spec/views/account_reset/user_mailer/email_confirmation_instructions.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'user_mailer/email_confirmation_instructions.html.erb' do
+RSpec.describe 'user_mailer/email_confirmation_instructions.html.erb' do
   it 'mentions how long the user has to confirm' do
     user = build_stubbed(:user, confirmed_at: Time.zone.now)
     assign(:resource, user)
diff --git a/spec/views/account_reset/user_mailer/unconfirmed_email_instructions.html.erb_spec.rb b/spec/views/account_reset/user_mailer/unconfirmed_email_instructions.html.erb_spec.rb
index ff712d4a9c0..fe5dd97e245 100644
--- a/spec/views/account_reset/user_mailer/unconfirmed_email_instructions.html.erb_spec.rb
+++ b/spec/views/account_reset/user_mailer/unconfirmed_email_instructions.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'user_mailer/unconfirmed_email_instructions.html.erb' do
+RSpec.describe 'user_mailer/unconfirmed_email_instructions.html.erb' do
   it 'states that the email is not associated with a user account' do
     user = build_stubbed(:user, confirmed_at: nil)
     assign(:resource, user)
diff --git a/spec/views/accounts/_nav_auth.html.erb_spec.rb b/spec/views/accounts/_nav_auth.html.erb_spec.rb
index 7780458c970..f5acafd8636 100644
--- a/spec/views/accounts/_nav_auth.html.erb_spec.rb
+++ b/spec/views/accounts/_nav_auth.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'accounts/_nav_auth.html.erb' do
+RSpec.describe 'accounts/_nav_auth.html.erb' do
   include Devise::Test::ControllerHelpers
 
   before do
diff --git a/spec/views/accounts/connected_accounts/show.html.erb_spec.rb b/spec/views/accounts/connected_accounts/show.html.erb_spec.rb
index f6a640fc0e4..facf70fe2e6 100644
--- a/spec/views/accounts/connected_accounts/show.html.erb_spec.rb
+++ b/spec/views/accounts/connected_accounts/show.html.erb_spec.rb
@@ -1,5 +1,5 @@
 require 'rails_helper'
-describe 'accounts/connected_accounts/show.html.erb' do
+RSpec.describe 'accounts/connected_accounts/show.html.erb' do
   let(:user) { create(:user, :fully_registered, :with_personal_key) }
 
   before do
diff --git a/spec/views/accounts/history/show.html.erb_spec.rb b/spec/views/accounts/history/show.html.erb_spec.rb
index d74657a8b50..3bca386aff1 100644
--- a/spec/views/accounts/history/show.html.erb_spec.rb
+++ b/spec/views/accounts/history/show.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'accounts/history/show.html.erb' do
+RSpec.describe 'accounts/history/show.html.erb' do
   let(:user) { create(:user, :fully_registered, :with_personal_key) }
 
   before do
diff --git a/spec/views/accounts/show.html.erb_spec.rb b/spec/views/accounts/show.html.erb_spec.rb
index 22638e803d9..1c03c9a708f 100644
--- a/spec/views/accounts/show.html.erb_spec.rb
+++ b/spec/views/accounts/show.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'accounts/show.html.erb' do
+RSpec.describe 'accounts/show.html.erb' do
   let(:user) { create(:user, :fully_registered, :with_personal_key) }
 
   before do
diff --git a/spec/views/accounts/two_factor_authentication/show.html.erb_spec.rb b/spec/views/accounts/two_factor_authentication/show.html.erb_spec.rb
index c41a11ebc75..66441dfbd63 100644
--- a/spec/views/accounts/two_factor_authentication/show.html.erb_spec.rb
+++ b/spec/views/accounts/two_factor_authentication/show.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'accounts/two_factor_authentication/show.html.erb' do
+RSpec.describe 'accounts/two_factor_authentication/show.html.erb' do
   let(:user) { create(:user, :fully_registered, :with_personal_key) }
 
   before do
diff --git a/spec/views/devise/passwords/edit.html.erb_spec.rb b/spec/views/devise/passwords/edit.html.erb_spec.rb
index 8acf48fd035..949095def31 100644
--- a/spec/views/devise/passwords/edit.html.erb_spec.rb
+++ b/spec/views/devise/passwords/edit.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'devise/passwords/edit.html.erb' do
+RSpec.describe 'devise/passwords/edit.html.erb' do
   before do
     user = build_stubbed(:user, :fully_registered)
     @reset_password_form = ResetPasswordForm.new(user)
diff --git a/spec/views/devise/passwords/new.html.erb_spec.rb b/spec/views/devise/passwords/new.html.erb_spec.rb
index 0cb65ed7659..678d837c097 100644
--- a/spec/views/devise/passwords/new.html.erb_spec.rb
+++ b/spec/views/devise/passwords/new.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'devise/passwords/new.html.erb' do
+RSpec.describe 'devise/passwords/new.html.erb' do
   let(:sp) do
     build_stubbed(
       :service_provider,
diff --git a/spec/views/devise/sessions/new.html.erb_spec.rb b/spec/views/devise/sessions/new.html.erb_spec.rb
index d40a514afde..d79724d77dd 100644
--- a/spec/views/devise/sessions/new.html.erb_spec.rb
+++ b/spec/views/devise/sessions/new.html.erb_spec.rb
@@ -1,8 +1,6 @@
 require 'rails_helper'
 
-describe 'devise/sessions/new.html.erb' do
-  let(:sign_in_a_b_test_bucket) { :default }
-
+RSpec.describe 'devise/sessions/new.html.erb' do
   before do
     allow(view).to receive(:resource).and_return(build_stubbed(:user))
     allow(view).to receive(:resource_name).and_return(:user)
@@ -11,7 +9,6 @@
     allow(view).to receive(:decorated_session).and_return(SessionDecorator.new)
     allow_any_instance_of(ActionController::TestRequest).to receive(:path).
       and_return('/')
-    @sign_in_a_b_test_bucket = sign_in_a_b_test_bucket
     assign(:ial, 1)
   end
 
@@ -36,16 +33,19 @@
   it 'has a localized page heading' do
     render
 
-    expect(rendered).to have_selector('h1', text: t('headings.sign_in_without_sp'))
+    expect(rendered).to have_selector('h1', text: t('headings.sign_in_existing_users'))
   end
 
   it 'includes a link to create a new account' do
     render
 
-    expect(rendered).
-      to have_link(
-        t('links.create_account'), href: sign_up_email_url(request_id: nil, source: :sign_in)
-      )
+    expect(rendered).to have_link(t('links.create_account'), href: sign_up_email_url)
+  end
+
+  it 'includes a link to create a new account' do
+    render
+
+    expect(rendered).to have_link(t('links.create_account'), href: sign_up_email_url)
   end
 
   it 'includes a link to security / privacy page and privacy statement act' do
@@ -173,33 +173,4 @@
       expect(rendered).to have_selector('input.email')
     end
   end
-
-  context 'with tabbed layout A/B test' do
-    let(:sign_in_a_b_test_bucket) { :tabbed }
-
-    it 'has a localized page heading' do
-      render
-
-      expect(rendered).to have_selector('h1', text: t('headings.sign_in_existing_users'))
-    end
-
-    it 'includes a link to create a new account' do
-      render
-
-      expect(rendered).to have_link(
-        t('links.create_account'),
-        href: sign_up_email_url(request_id: nil, source: :sign_in),
-      )
-    end
-  end
-
-  context 'with banner A/B test' do
-    let(:sign_in_a_b_test_bucket) { :banner }
-
-    it 'has a localized page heading' do
-      render
-
-      expect(rendered).to have_selector('h1', text: t('headings.sign_in_without_sp'))
-    end
-  end
 end
diff --git a/spec/views/devise/shared/_password_strength.html.erb_spec.rb b/spec/views/devise/shared/_password_strength.html.erb_spec.rb
index 0116d269dff..7d04b321dc9 100644
--- a/spec/views/devise/shared/_password_strength.html.erb_spec.rb
+++ b/spec/views/devise/shared/_password_strength.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'devise/shared/_password_strength.html.erb' do
+RSpec.describe 'devise/shared/_password_strength.html.erb' do
   describe 'forbidden attributes' do
     context 'when local is unassigned' do
       before do
diff --git a/spec/views/forgot_password/show.html.erb_spec.rb b/spec/views/forgot_password/show.html.erb_spec.rb
index 99008731a91..11d0952c901 100644
--- a/spec/views/forgot_password/show.html.erb_spec.rb
+++ b/spec/views/forgot_password/show.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'forgot_password/show.html.erb' do
+RSpec.describe 'forgot_password/show.html.erb' do
   let(:email) { 'foo@bar.com' }
 
   before do
diff --git a/spec/views/idv/activated.html.erb_spec.rb b/spec/views/idv/activated.html.erb_spec.rb
index 2c38f00e5fa..4a37cbf928b 100644
--- a/spec/views/idv/activated.html.erb_spec.rb
+++ b/spec/views/idv/activated.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'idv/activated.html.erb' do
+RSpec.describe 'idv/activated.html.erb' do
   it 'has a localized title' do
     expect(view).to receive(:title).with(t('idv.titles.activated'))
 
diff --git a/spec/views/idv/address/new.html.erb_spec.rb b/spec/views/idv/address/new.html.erb_spec.rb
index 5947e7e50ec..82d6f818c1c 100644
--- a/spec/views/idv/address/new.html.erb_spec.rb
+++ b/spec/views/idv/address/new.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'idv/address/new' do
+RSpec.describe 'idv/address/new' do
   let(:parsed_page) { Nokogiri::HTML.parse(rendered) }
 
   before do
diff --git a/spec/views/idv/cancellations/destroy.html.erb_spec.rb b/spec/views/idv/cancellations/destroy.html.erb_spec.rb
index 1017545cda4..1fe9dfb8609 100644
--- a/spec/views/idv/cancellations/destroy.html.erb_spec.rb
+++ b/spec/views/idv/cancellations/destroy.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'idv/cancellations/destroy.html.erb' do
+RSpec.describe 'idv/cancellations/destroy.html.erb' do
   before { render }
 
   it 'renders heading' do
diff --git a/spec/views/idv/cancellations/new.html.erb_spec.rb b/spec/views/idv/cancellations/new.html.erb_spec.rb
index c4eaaff8d78..8e34e2b0ec2 100644
--- a/spec/views/idv/cancellations/new.html.erb_spec.rb
+++ b/spec/views/idv/cancellations/new.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'idv/cancellations/new.html.erb' do
+RSpec.describe 'idv/cancellations/new.html.erb' do
   let(:hybrid_session) { false }
   let(:params) { ActionController::Parameters.new }
   let(:sp_name) { nil }
diff --git a/spec/views/idv/come_back_later/show.html.erb_spec.rb b/spec/views/idv/come_back_later/show.html.erb_spec.rb
index 6d449dab733..0e6370643fb 100644
--- a/spec/views/idv/come_back_later/show.html.erb_spec.rb
+++ b/spec/views/idv/come_back_later/show.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'idv/come_back_later/show.html.erb' do
+RSpec.describe 'idv/come_back_later/show.html.erb' do
   let(:sp_name) { '🔒🌐💻' }
   let(:step_indicator_steps) { Idv::Flows::DocAuthFlow::STEP_INDICATOR_STEPS_GPO }
 
diff --git a/spec/views/idv/doc_auth/_cancel.html.erb_spec.rb b/spec/views/idv/doc_auth/_cancel.html.erb_spec.rb
index b5cbf8f5351..df8e6b34b96 100644
--- a/spec/views/idv/doc_auth/_cancel.html.erb_spec.rb
+++ b/spec/views/idv/doc_auth/_cancel.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'idv/doc_auth/_cancel.html.erb' do
+RSpec.describe 'idv/doc_auth/_cancel.html.erb' do
   include Devise::Test::ControllerHelpers
 
   let(:locals) { {} }
diff --git a/spec/views/idv/doc_auth/agreement.html.erb_spec.rb b/spec/views/idv/doc_auth/agreement.html.erb_spec.rb
index 85657476151..394cb23ad7d 100644
--- a/spec/views/idv/doc_auth/agreement.html.erb_spec.rb
+++ b/spec/views/idv/doc_auth/agreement.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'idv/doc_auth/agreement' do
+RSpec.describe 'idv/doc_auth/agreement' do
   let(:flow_session) { {} }
 
   before do
diff --git a/spec/views/idv/doc_auth/welcome.html.erb_spec.rb b/spec/views/idv/doc_auth/welcome.html.erb_spec.rb
index 9af15f12cbb..9705974b6d0 100644
--- a/spec/views/idv/doc_auth/welcome.html.erb_spec.rb
+++ b/spec/views/idv/doc_auth/welcome.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'idv/doc_auth/welcome.html.erb' do
+RSpec.describe 'idv/doc_auth/welcome.html.erb' do
   let(:flow_session) { {} }
   let(:user_fully_authenticated) { true }
   let(:sp_name) { nil }
diff --git a/spec/views/idv/gpo/index.html.erb_spec.rb b/spec/views/idv/gpo/index.html.erb_spec.rb
index 78859bb7fa9..e4a588c2b02 100644
--- a/spec/views/idv/gpo/index.html.erb_spec.rb
+++ b/spec/views/idv/gpo/index.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'idv/gpo/index.html.erb' do
+RSpec.describe 'idv/gpo/index.html.erb' do
   let(:resend_requested) { false }
   let(:user_needs_address_otp_verification) { false }
   let(:go_back_path) { nil }
diff --git a/spec/views/idv/gpo_verify/index.html.erb_spec.rb b/spec/views/idv/gpo_verify/index.html.erb_spec.rb
index c60065c63de..b5fb25cfe5b 100644
--- a/spec/views/idv/gpo_verify/index.html.erb_spec.rb
+++ b/spec/views/idv/gpo_verify/index.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'idv/gpo_verify/index.html.erb' do
+RSpec.describe 'idv/gpo_verify/index.html.erb' do
   let(:user) do
     create(:user)
   end
diff --git a/spec/views/idv/in_person/ready_to_verify/show.html.erb_spec.rb b/spec/views/idv/in_person/ready_to_verify/show.html.erb_spec.rb
index 7b8f94dc4cf..e529fed023a 100644
--- a/spec/views/idv/in_person/ready_to_verify/show.html.erb_spec.rb
+++ b/spec/views/idv/in_person/ready_to_verify/show.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'idv/in_person/ready_to_verify/show.html.erb' do
+RSpec.describe 'idv/in_person/ready_to_verify/show.html.erb' do
   include Devise::Test::ControllerHelpers
 
   let(:user) { build(:user) }
diff --git a/spec/views/idv/in_person/ssn.html.erb_spec.rb b/spec/views/idv/in_person/ssn.html.erb_spec.rb
index eea6ce8bcab..47abb0a7750 100644
--- a/spec/views/idv/in_person/ssn.html.erb_spec.rb
+++ b/spec/views/idv/in_person/ssn.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'idv/in_person/ssn.html.erb' do
+RSpec.describe 'idv/in_person/ssn.html.erb' do
   include Devise::Test::ControllerHelpers
 
   let(:threatmetrix_enabled) { nil }
diff --git a/spec/views/idv/phone/new.html.erb_spec.rb b/spec/views/idv/phone/new.html.erb_spec.rb
index eef92ef544c..08acf2b8a87 100644
--- a/spec/views/idv/phone/new.html.erb_spec.rb
+++ b/spec/views/idv/phone/new.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'idv/phone/new.html.erb' do
+RSpec.describe 'idv/phone/new.html.erb' do
   let(:gpo_letter_available) { false }
   let(:step_indicator_steps) { Idv::Flows::DocAuthFlow::STEP_INDICATOR_STEPS }
 
diff --git a/spec/views/idv/phone_errors/_warning.html.erb_spec.rb b/spec/views/idv/phone_errors/_warning.html.erb_spec.rb
index 1e91c001284..bb5166330e0 100644
--- a/spec/views/idv/phone_errors/_warning.html.erb_spec.rb
+++ b/spec/views/idv/phone_errors/_warning.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'idv/phone_errors/_warning.html.erb' do
+RSpec.describe 'idv/phone_errors/_warning.html.erb' do
   let(:sp_name) { nil }
   let(:text) { 'A problem occurred' }
   let(:assigns) { {} }
diff --git a/spec/views/idv/phone_errors/failure.html.erb_spec.rb b/spec/views/idv/phone_errors/failure.html.erb_spec.rb
index 9367bae1c66..4fc735ba668 100644
--- a/spec/views/idv/phone_errors/failure.html.erb_spec.rb
+++ b/spec/views/idv/phone_errors/failure.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'idv/phone_errors/failure.html.erb' do
+RSpec.describe 'idv/phone_errors/failure.html.erb' do
   let(:sp_name) { 'Example SP' }
   let(:timeout_hours) { 6 }
   let(:gpo_letter_available) { true }
diff --git a/spec/views/idv/phone_errors/jobfail.html.erb_spec.rb b/spec/views/idv/phone_errors/jobfail.html.erb_spec.rb
index 92f1d5a77e9..a9ea0c0039a 100644
--- a/spec/views/idv/phone_errors/jobfail.html.erb_spec.rb
+++ b/spec/views/idv/phone_errors/jobfail.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'idv/phone_errors/jobfail.html.erb' do
+RSpec.describe 'idv/phone_errors/jobfail.html.erb' do
   let(:sp_name) { 'Example SP' }
   let(:gpo_letter_available) { false }
 
diff --git a/spec/views/idv/phone_errors/timeout.html.erb_spec.rb b/spec/views/idv/phone_errors/timeout.html.erb_spec.rb
index 0c481b89724..d31edb9271b 100644
--- a/spec/views/idv/phone_errors/timeout.html.erb_spec.rb
+++ b/spec/views/idv/phone_errors/timeout.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'idv/phone_errors/timeout.html.erb' do
+RSpec.describe 'idv/phone_errors/timeout.html.erb' do
   let(:sp_name) { 'Example SP' }
   let(:gpo_letter_available) { false }
 
diff --git a/spec/views/idv/phone_errors/warning.html.erb_spec.rb b/spec/views/idv/phone_errors/warning.html.erb_spec.rb
index 3a2adff744c..75dc851218e 100644
--- a/spec/views/idv/phone_errors/warning.html.erb_spec.rb
+++ b/spec/views/idv/phone_errors/warning.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'idv/phone_errors/warning.html.erb' do
+RSpec.describe 'idv/phone_errors/warning.html.erb' do
   include Devise::Test::ControllerHelpers
 
   let(:sp_name) { 'Example SP' }
diff --git a/spec/views/idv/please_call/show.html.erb_spec.rb b/spec/views/idv/please_call/show.html.erb_spec.rb
index 71ca3b45267..55306635524 100644
--- a/spec/views/idv/please_call/show.html.erb_spec.rb
+++ b/spec/views/idv/please_call/show.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'idv/please_call/show.html.erb' do
+RSpec.describe 'idv/please_call/show.html.erb' do
   before do
     @call_by_date = Date.new(2023, 10, 13)
     render
diff --git a/spec/views/idv/review/new.html.erb_spec.rb b/spec/views/idv/review/new.html.erb_spec.rb
index aee5227aafb..4817a097499 100644
--- a/spec/views/idv/review/new.html.erb_spec.rb
+++ b/spec/views/idv/review/new.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'idv/review/new.html.erb' do
+RSpec.describe 'idv/review/new.html.erb' do
   include XPathHelper
 
   context 'user has completed all steps' do
diff --git a/spec/views/idv/session_errors/exception.html.erb_spec.rb b/spec/views/idv/session_errors/exception.html.erb_spec.rb
index 614df157ab5..91f903a182c 100644
--- a/spec/views/idv/session_errors/exception.html.erb_spec.rb
+++ b/spec/views/idv/session_errors/exception.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'idv/session_errors/exception.html.erb' do
+RSpec.describe 'idv/session_errors/exception.html.erb' do
   let(:sp_name) { nil }
   let(:sp_issuer) { nil }
   let(:try_again_path) { '/example/path' }
diff --git a/spec/views/idv/session_errors/failure.html.erb_spec.rb b/spec/views/idv/session_errors/failure.html.erb_spec.rb
index 63cd918ca23..37e4909fa54 100644
--- a/spec/views/idv/session_errors/failure.html.erb_spec.rb
+++ b/spec/views/idv/session_errors/failure.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'idv/session_errors/failure.html.erb' do
+RSpec.describe 'idv/session_errors/failure.html.erb' do
   let(:sp_name) { nil }
   let(:timeout_hours) { 6 }
 
diff --git a/spec/views/idv/session_errors/state_id_warning.html.erb_spec.rb b/spec/views/idv/session_errors/state_id_warning.html.erb_spec.rb
index 44933745816..3d18eab4195 100644
--- a/spec/views/idv/session_errors/state_id_warning.html.erb_spec.rb
+++ b/spec/views/idv/session_errors/state_id_warning.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'idv/session_errors/state_id_warning.html.erb' do
+RSpec.describe 'idv/session_errors/state_id_warning.html.erb' do
   before do
     assign(:try_again_path, '/try_again')
 
diff --git a/spec/views/idv/session_errors/throttled.html.erb_spec.rb b/spec/views/idv/session_errors/throttled.html.erb_spec.rb
index 5ad29ee7d74..66a0778a5bb 100644
--- a/spec/views/idv/session_errors/throttled.html.erb_spec.rb
+++ b/spec/views/idv/session_errors/throttled.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'idv/session_errors/throttled.html.erb' do
+RSpec.describe 'idv/session_errors/throttled.html.erb' do
   let(:sp_name) { nil }
   let(:sp_issuer) { nil }
 
diff --git a/spec/views/idv/session_errors/warning.html.erb_spec.rb b/spec/views/idv/session_errors/warning.html.erb_spec.rb
index 71d1e6eabef..3de391005ab 100644
--- a/spec/views/idv/session_errors/warning.html.erb_spec.rb
+++ b/spec/views/idv/session_errors/warning.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'idv/session_errors/warning.html.erb' do
+RSpec.describe 'idv/session_errors/warning.html.erb' do
   let(:sp_name) { nil }
   let(:try_again_path) { '/example/path' }
   let(:remaining_attempts) { 5 }
diff --git a/spec/views/idv/shared/_back.html.erb_spec.rb b/spec/views/idv/shared/_back.html.erb_spec.rb
index 83d004fef13..4ab6dedaf05 100644
--- a/spec/views/idv/shared/_back.html.erb_spec.rb
+++ b/spec/views/idv/shared/_back.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'idv/doc_auth/_back.html.erb' do
+RSpec.describe 'idv/doc_auth/_back.html.erb' do
   let(:step_url) { nil }
   let(:action) { nil }
   let(:step) { nil }
diff --git a/spec/views/idv/shared/_document_capture.html.erb_spec.rb b/spec/views/idv/shared/_document_capture.html.erb_spec.rb
index 383fc251d97..514825208b3 100644
--- a/spec/views/idv/shared/_document_capture.html.erb_spec.rb
+++ b/spec/views/idv/shared/_document_capture.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'idv/shared/_document_capture.html.erb' do
+RSpec.describe 'idv/shared/_document_capture.html.erb' do
   include Devise::Test::ControllerHelpers
 
   let(:document_capture_session_uuid) { nil }
diff --git a/spec/views/idv/shared/_error.html.erb_spec.rb b/spec/views/idv/shared/_error.html.erb_spec.rb
index 8ab6c5f2225..37c6f6a8587 100644
--- a/spec/views/idv/shared/_error.html.erb_spec.rb
+++ b/spec/views/idv/shared/_error.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'idv/shared/_error.html.erb' do
+RSpec.describe 'idv/shared/_error.html.erb' do
   let(:sp_name) { nil }
   let(:options) { [{ text: 'Example', url: '#example' }] }
   let(:heading) { 'Error' }
diff --git a/spec/views/idv/unavailable/show.html.erb_spec.rb b/spec/views/idv/unavailable/show.html.erb_spec.rb
index 502a5e2f796..182fdd1ab20 100644
--- a/spec/views/idv/unavailable/show.html.erb_spec.rb
+++ b/spec/views/idv/unavailable/show.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'idv/unavailable/show.html.erb' do
+RSpec.describe 'idv/unavailable/show.html.erb' do
   let(:sp_name) { nil }
   subject(:rendered) { render }
 
diff --git a/spec/views/layouts/application.html.erb_spec.rb b/spec/views/layouts/application.html.erb_spec.rb
index a6bb4ba9008..f1f53f1fb05 100644
--- a/spec/views/layouts/application.html.erb_spec.rb
+++ b/spec/views/layouts/application.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'layouts/application.html.erb' do
+RSpec.describe 'layouts/application.html.erb' do
   include Devise::Test::ControllerHelpers
 
   before do
diff --git a/spec/views/layouts/user_mailer.html.erb_spec.rb b/spec/views/layouts/user_mailer.html.erb_spec.rb
index 1b14de82e26..eb965c1f185 100644
--- a/spec/views/layouts/user_mailer.html.erb_spec.rb
+++ b/spec/views/layouts/user_mailer.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'layouts/user_mailer.html.erb' do
+RSpec.describe 'layouts/user_mailer.html.erb' do
   let(:user) { build_stubbed(:user) }
 
   before do
diff --git a/spec/views/mfa_confirmation/show.html.erb_spec.rb b/spec/views/mfa_confirmation/show.html.erb_spec.rb
index 2b53e5e6c9a..888af368e0f 100644
--- a/spec/views/mfa_confirmation/show.html.erb_spec.rb
+++ b/spec/views/mfa_confirmation/show.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'mfa_confirmation/show.html.erb' do
+RSpec.describe 'mfa_confirmation/show.html.erb' do
   let(:user) { create(:user, :fully_registered, :with_personal_key) }
 
   before do
diff --git a/spec/views/partials/multi_factor_authentication/_mfa_selection.html.erb_spec.rb b/spec/views/partials/multi_factor_authentication/_mfa_selection.html.erb_spec.rb
index 63c822a7b00..81d122c8468 100644
--- a/spec/views/partials/multi_factor_authentication/_mfa_selection.html.erb_spec.rb
+++ b/spec/views/partials/multi_factor_authentication/_mfa_selection.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'partials/multi_factor_authentication/_mfa_selection.html.erb' do
+RSpec.describe 'partials/multi_factor_authentication/_mfa_selection.html.erb' do
   include SimpleForm::ActionViewExtensions::FormHelper
   include Devise::Test::ControllerHelpers
 
diff --git a/spec/views/partials/personal_key/_key.html.erb_spec.rb b/spec/views/partials/personal_key/_key.html.erb_spec.rb
index 3ebe343e661..31e19ef72e3 100644
--- a/spec/views/partials/personal_key/_key.html.erb_spec.rb
+++ b/spec/views/partials/personal_key/_key.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'partials/personal_key/_key.html.erb' do
+RSpec.describe 'partials/personal_key/_key.html.erb' do
   let(:personal_key) { 'abcd-efgh-ijkl-mnop' }
   let(:locals) do
     {
diff --git a/spec/views/phone_setup/index.html.erb_spec.rb b/spec/views/phone_setup/index.html.erb_spec.rb
index 70f9ff0d834..9fc2896333c 100644
--- a/spec/views/phone_setup/index.html.erb_spec.rb
+++ b/spec/views/phone_setup/index.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'users/phone_setup/index.html.erb' do
+RSpec.describe 'users/phone_setup/index.html.erb' do
   before do
     user = build_stubbed(:user)
 
diff --git a/spec/views/phone_setup/spam_protection.html.erb_spec.rb b/spec/views/phone_setup/spam_protection.html.erb_spec.rb
index 8d5ef4a66c1..3fd76d2e04f 100644
--- a/spec/views/phone_setup/spam_protection.html.erb_spec.rb
+++ b/spec/views/phone_setup/spam_protection.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'users/phone_setup/spam_protection.html.erb' do
+RSpec.describe 'users/phone_setup/spam_protection.html.erb' do
   let(:user) { build_stubbed(:user) }
   let(:form) { NewPhoneForm.new(user:) }
   let(:locals) { {} }
diff --git a/spec/views/reactivate_account/index.html.erb_spec.rb b/spec/views/reactivate_account/index.html.erb_spec.rb
index 3aca5ed3a7a..a5b33418cb6 100644
--- a/spec/views/reactivate_account/index.html.erb_spec.rb
+++ b/spec/views/reactivate_account/index.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'reactivate_account/index.html.erb' do
+RSpec.describe 'reactivate_account/index.html.erb' do
   subject(:rendered) do
     render
   end
diff --git a/spec/views/shared/_address.html.erb_spec.rb b/spec/views/shared/_address.html.erb_spec.rb
index b4df7833624..2084866408c 100644
--- a/spec/views/shared/_address.html.erb_spec.rb
+++ b/spec/views/shared/_address.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'shared/_address.html.erb' do
+RSpec.describe 'shared/_address.html.erb' do
   let(:address) do
     {
       address1: '123 Fake St',
diff --git a/spec/views/shared/_banner.html.erb_spec.rb b/spec/views/shared/_banner.html.erb_spec.rb
index 8d2369925be..a78a7ddde8a 100644
--- a/spec/views/shared/_banner.html.erb_spec.rb
+++ b/spec/views/shared/_banner.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'shared/_banner.html.erb' do
+RSpec.describe 'shared/_banner.html.erb' do
   before do
     sp_with_logo = build_stubbed(
       :service_provider, logo: 'generic.svg', friendly_name: 'Best SP ever'
diff --git a/spec/views/shared/_footer_lite.html.erb_spec.rb b/spec/views/shared/_footer_lite.html.erb_spec.rb
index 9cbf145e0f5..1351115368e 100644
--- a/spec/views/shared/_footer_lite.html.erb_spec.rb
+++ b/spec/views/shared/_footer_lite.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'shared/_footer_lite.html.erb' do
+RSpec.describe 'shared/_footer_lite.html.erb' do
   context 'user is signed out' do
     before do
       controller.request.path_parameters[:controller] = 'users/sessions'
diff --git a/spec/views/shared/_masked_text.html.erb_spec.rb b/spec/views/shared/_masked_text.html.erb_spec.rb
index e0cfea9165f..10c48d287d1 100644
--- a/spec/views/shared/_masked_text.html.erb_spec.rb
+++ b/spec/views/shared/_masked_text.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'shared/_masked_text.html.erb' do
+RSpec.describe 'shared/_masked_text.html.erb' do
   let(:text) { 'password' }
   let(:masked_text) { '********' }
   let(:accessible_masked_text) { 'secure text' }
diff --git a/spec/views/shared/_nav_branded.html.erb_spec.rb b/spec/views/shared/_nav_branded.html.erb_spec.rb
index ff9f034c7d5..2b223ee0fd8 100644
--- a/spec/views/shared/_nav_branded.html.erb_spec.rb
+++ b/spec/views/shared/_nav_branded.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'shared/_nav_branded.html.erb' do
+RSpec.describe 'shared/_nav_branded.html.erb' do
   let(:view_context) { ActionController::Base.new.view_context }
 
   context 'with a SP-logo configured' do
diff --git a/spec/views/shared/_nav_lite.html.erb_spec.rb b/spec/views/shared/_nav_lite.html.erb_spec.rb
index b09ecf2c8e6..a7445a84ceb 100644
--- a/spec/views/shared/_nav_lite.html.erb_spec.rb
+++ b/spec/views/shared/_nav_lite.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'shared/_nav_lite.html.erb' do
+RSpec.describe 'shared/_nav_lite.html.erb' do
   context 'user is signed out' do
     before do
       allow(view).to receive(:signed_in?).and_return(false)
diff --git a/spec/views/shared/_troubleshooting_options.html.erb_spec.rb b/spec/views/shared/_troubleshooting_options.html.erb_spec.rb
index 44f25d22669..9b1d2d7d10c 100644
--- a/spec/views/shared/_troubleshooting_options.html.erb_spec.rb
+++ b/spec/views/shared/_troubleshooting_options.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'shared/_troubleshooting_options.html.erb' do
+RSpec.describe 'shared/_troubleshooting_options.html.erb' do
   let(:heading) { '' }
   let(:heading_tag) { nil }
   let(:options) { [{ text: 'One', url: '#one' }, { text: 'Two', url: '#two' }] }
diff --git a/spec/views/sign_up/completions/show.html.erb_spec.rb b/spec/views/sign_up/completions/show.html.erb_spec.rb
index 05eb62cf78b..66e4e30bd35 100644
--- a/spec/views/sign_up/completions/show.html.erb_spec.rb
+++ b/spec/views/sign_up/completions/show.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'sign_up/completions/show.html.erb' do
+RSpec.describe 'sign_up/completions/show.html.erb' do
   let(:user) { create(:user, :fully_registered) }
   let(:service_provider) { create(:service_provider) }
   let(:decrypted_pii) { {} }
diff --git a/spec/views/sign_up/email_resend/new.html.erb_spec.rb b/spec/views/sign_up/email_resend/new.html.erb_spec.rb
index d34ef236fe1..01bc1afeeaf 100644
--- a/spec/views/sign_up/email_resend/new.html.erb_spec.rb
+++ b/spec/views/sign_up/email_resend/new.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'sign_up/email_resend/new.html.erb' do
+RSpec.describe 'sign_up/email_resend/new.html.erb' do
   before do
     @user = User.new
     @resend_email_confirmation_form = ResendEmailConfirmationForm.new
diff --git a/spec/views/sign_up/emails/show.html.erb_spec.rb b/spec/views/sign_up/emails/show.html.erb_spec.rb
index 0a59f8d6583..ae928947cb1 100644
--- a/spec/views/sign_up/emails/show.html.erb_spec.rb
+++ b/spec/views/sign_up/emails/show.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'sign_up/emails/show.html.erb' do
+RSpec.describe 'sign_up/emails/show.html.erb' do
   before do
     allow(view).to receive(:email).and_return('foo@bar.com')
     @resend_email_confirmation_form = ResendEmailConfirmationForm.new
diff --git a/spec/views/sign_up/passwords/new.html.erb_spec.rb b/spec/views/sign_up/passwords/new.html.erb_spec.rb
index b7e6651b7ee..7131adce80b 100644
--- a/spec/views/sign_up/passwords/new.html.erb_spec.rb
+++ b/spec/views/sign_up/passwords/new.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'sign_up/passwords/new.html.erb' do
+RSpec.describe 'sign_up/passwords/new.html.erb' do
   let(:user) { build_stubbed(:user) }
 
   before do
diff --git a/spec/views/sign_up/registrations/new.html.erb_spec.rb b/spec/views/sign_up/registrations/new.html.erb_spec.rb
index b86a300aebd..8927e106967 100644
--- a/spec/views/sign_up/registrations/new.html.erb_spec.rb
+++ b/spec/views/sign_up/registrations/new.html.erb_spec.rb
@@ -1,8 +1,6 @@
 require 'rails_helper'
 
-describe 'sign_up/registrations/new.html.erb' do
-  let(:sign_in_a_b_test_bucket) { :default }
-
+RSpec.describe 'sign_up/registrations/new.html.erb' do
   let(:sp) do
     build_stubbed(
       :service_provider,
@@ -17,7 +15,6 @@
       analytics: FakeAnalytics.new,
       attempts_tracker: IrsAttemptsApiTrackingHelper::FakeAttemptsTracker.new,
     )
-    @sign_in_a_b_test_bucket = sign_in_a_b_test_bucket
     view_context = ActionController::Base.new.view_context
     allow(view_context).to receive(:new_user_session_url).
       and_return('https://www.example.com/')
@@ -44,7 +41,16 @@
   it 'has a localized page heading' do
     render
 
-    expect(rendered).to have_selector('h1', text: t('titles.registrations.new'))
+    expect(rendered).to have_selector('h1', text: t('headings.create_account_new_users'))
+  end
+
+  it 'includes a link to sign in' do
+    render
+
+    expect(rendered).to have_link(
+      t('links.next'),
+      href: new_user_session_url(request_id: nil),
+    )
   end
 
   it 'sets form autocomplete to off' do
@@ -79,23 +85,4 @@
 [target='_blank'][rel='noopener noreferrer']",
       )
   end
-
-  context 'with tabbed layout A/B test' do
-    let(:sign_in_a_b_test_bucket) { :tabbed }
-
-    it 'has a localized page heading' do
-      render
-
-      expect(rendered).to have_selector('h1', text: t('headings.create_account_new_users'))
-    end
-
-    it 'includes a link to sign in' do
-      render
-
-      expect(rendered).to have_link(
-        t('links.next'),
-        href: new_user_session_url(request_id: nil),
-      )
-    end
-  end
 end
diff --git a/spec/views/two_factor_authentication/options/index.html.erb_spec.rb b/spec/views/two_factor_authentication/options/index.html.erb_spec.rb
index 9e3eca0acca..398487a5f9a 100644
--- a/spec/views/two_factor_authentication/options/index.html.erb_spec.rb
+++ b/spec/views/two_factor_authentication/options/index.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'two_factor_authentication/options/index.html.erb' do
+RSpec.describe 'two_factor_authentication/options/index.html.erb' do
   let(:user) { User.new }
   before do
     allow(view).to receive(:user_session).and_return({})
diff --git a/spec/views/two_factor_authentication/otp_expired/show.html.erb_spec.rb b/spec/views/two_factor_authentication/otp_expired/show.html.erb_spec.rb
index bc49b6a2a2d..1ccc8f6f2ca 100644
--- a/spec/views/two_factor_authentication/otp_expired/show.html.erb_spec.rb
+++ b/spec/views/two_factor_authentication/otp_expired/show.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'two_factor_authentication/otp_expired/show.html.erb' do
+RSpec.describe 'two_factor_authentication/otp_expired/show.html.erb' do
   it 'has a localized title' do
     expect(view).to receive(:title).with(t('titles.otp_expired'))
 
diff --git a/spec/views/two_factor_authentication/otp_verification/show.html.erb_spec.rb b/spec/views/two_factor_authentication/otp_verification/show.html.erb_spec.rb
index 8903b9c56b0..92052a09c7f 100644
--- a/spec/views/two_factor_authentication/otp_verification/show.html.erb_spec.rb
+++ b/spec/views/two_factor_authentication/otp_verification/show.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'two_factor_authentication/otp_verification/show.html.erb' do
+RSpec.describe 'two_factor_authentication/otp_verification/show.html.erb' do
   let(:presenter_data) do
     {
       otp_delivery_preference: 'sms',
diff --git a/spec/views/two_factor_authentication/personal_key_verification/show.html.erb_spec.rb b/spec/views/two_factor_authentication/personal_key_verification/show.html.erb_spec.rb
index c79e692989e..d0f4b96261f 100644
--- a/spec/views/two_factor_authentication/personal_key_verification/show.html.erb_spec.rb
+++ b/spec/views/two_factor_authentication/personal_key_verification/show.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'two_factor_authentication/personal_key_verification/show.html.erb' do
+RSpec.describe 'two_factor_authentication/personal_key_verification/show.html.erb' do
   let(:user) { create(:user, :fully_registered) }
 
   before do
diff --git a/spec/views/two_factor_authentication/totp_verification/show.html.erb_spec.rb b/spec/views/two_factor_authentication/totp_verification/show.html.erb_spec.rb
index 33511b30bce..1649f40b30d 100644
--- a/spec/views/two_factor_authentication/totp_verification/show.html.erb_spec.rb
+++ b/spec/views/two_factor_authentication/totp_verification/show.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'two_factor_authentication/totp_verification/show.html.erb' do
+RSpec.describe 'two_factor_authentication/totp_verification/show.html.erb' do
   let(:user) { create(:user, :fully_registered, :with_authentication_app) }
   let(:presenter_data) do
     attributes_for(:generic_otp_presenter).merge(
diff --git a/spec/views/users/backup_code_setup/create.html.erb_spec.rb b/spec/views/users/backup_code_setup/create.html.erb_spec.rb
index 63186ff5dc1..da621279405 100644
--- a/spec/views/users/backup_code_setup/create.html.erb_spec.rb
+++ b/spec/views/users/backup_code_setup/create.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'users/backup_code_setup/create.html.erb' do
+RSpec.describe 'users/backup_code_setup/create.html.erb' do
   let(:user) { build(:user, :fully_registered) }
 
   before do
diff --git a/spec/views/users/backup_code_setup/index.html.erb_spec.rb b/spec/views/users/backup_code_setup/index.html.erb_spec.rb
index c849f03e7dd..35a56eb8e81 100644
--- a/spec/views/users/backup_code_setup/index.html.erb_spec.rb
+++ b/spec/views/users/backup_code_setup/index.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'users/backup_code_setup/index.html.erb' do
+RSpec.describe 'users/backup_code_setup/index.html.erb' do
   let(:user) { build(:user) }
 
   before do
diff --git a/spec/views/users/backup_code_setup/reminder.html.erb_spec.rb b/spec/views/users/backup_code_setup/reminder.html.erb_spec.rb
index e8210957217..8010d6b28d2 100644
--- a/spec/views/users/backup_code_setup/reminder.html.erb_spec.rb
+++ b/spec/views/users/backup_code_setup/reminder.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'users/backup_code_setup/reminder.html.erb' do
+RSpec.describe 'users/backup_code_setup/reminder.html.erb' do
   it 'has a localized title' do
     expect(view).to receive(:title).with( \
       t('forms.backup_code.title'),
diff --git a/spec/views/users/delete/show.html.erb_spec.rb b/spec/views/users/delete/show.html.erb_spec.rb
index 6e575799b08..022074309f5 100644
--- a/spec/views/users/delete/show.html.erb_spec.rb
+++ b/spec/views/users/delete/show.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'users/delete/show.html.erb' do
+RSpec.describe 'users/delete/show.html.erb' do
   let(:user) { build_stubbed(:user, :fully_registered) }
 
   before do
diff --git a/spec/views/users/edit_phone/remove_phone.html.erb_spec.rb b/spec/views/users/edit_phone/remove_phone.html.erb_spec.rb
index 07d9102acb8..528fb2f71ce 100644
--- a/spec/views/users/edit_phone/remove_phone.html.erb_spec.rb
+++ b/spec/views/users/edit_phone/remove_phone.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'users/edit_phone/_remove_phone.html.erb' do
+RSpec.describe 'users/edit_phone/_remove_phone.html.erb' do
   include Devise::Test::ControllerHelpers
 
   let(:user) { create(:user, :with_phone) }
diff --git a/spec/views/users/passwords/edit.html.erb_spec.rb b/spec/views/users/passwords/edit.html.erb_spec.rb
index 974c03cbce5..7180b556452 100644
--- a/spec/views/users/passwords/edit.html.erb_spec.rb
+++ b/spec/views/users/passwords/edit.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'users/passwords/edit.html.erb' do
+RSpec.describe 'users/passwords/edit.html.erb' do
   before do
     user = User.new
     allow(view).to receive(:current_user).and_return(user)
diff --git a/spec/views/users/phones/add.html.erb_spec.rb b/spec/views/users/phones/add.html.erb_spec.rb
index cbb31e92be2..30def5bdbb4 100644
--- a/spec/views/users/phones/add.html.erb_spec.rb
+++ b/spec/views/users/phones/add.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'users/phones/add.html.erb' do
+RSpec.describe 'users/phones/add.html.erb' do
   include Devise::Test::ControllerHelpers
 
   subject(:rendered) { render }
diff --git a/spec/views/users/piv_cac_authentication_setup/new.html.erb_spec.rb b/spec/views/users/piv_cac_authentication_setup/new.html.erb_spec.rb
index 98545997cdf..470609ab22d 100644
--- a/spec/views/users/piv_cac_authentication_setup/new.html.erb_spec.rb
+++ b/spec/views/users/piv_cac_authentication_setup/new.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'users/piv_cac_authentication_setup/new.html.erb' do
+RSpec.describe 'users/piv_cac_authentication_setup/new.html.erb' do
   context 'user has sufficient factors' do
     it 'renders a link to cancel and go back to the account page' do
       user = create(:user, :fully_registered)
diff --git a/spec/views/users/shared/_otp_delivery_preference_selection.html.erb_spec.rb b/spec/views/users/shared/_otp_delivery_preference_selection.html.erb_spec.rb
index e12c102cee1..57be21bdbe1 100644
--- a/spec/views/users/shared/_otp_delivery_preference_selection.html.erb_spec.rb
+++ b/spec/views/users/shared/_otp_delivery_preference_selection.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'users/shared/_otp_delivery_preference_selection.html.erb' do
+RSpec.describe 'users/shared/_otp_delivery_preference_selection.html.erb' do
   let(:user) { build_stubbed(:user) }
 
   subject(:rendered) do
diff --git a/spec/views/users/totp_setup/new.html.erb_spec.rb b/spec/views/users/totp_setup/new.html.erb_spec.rb
index c5e77ded4e8..9f38718b8ae 100644
--- a/spec/views/users/totp_setup/new.html.erb_spec.rb
+++ b/spec/views/users/totp_setup/new.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'users/totp_setup/new.html.erb' do
+RSpec.describe 'users/totp_setup/new.html.erb' do
   let(:user) { create(:user, :fully_registered) }
 
   context 'user has sufficient factors enabled' do
diff --git a/spec/views/users/two_factor_authentication_setup/index.html.erb_spec.rb b/spec/views/users/two_factor_authentication_setup/index.html.erb_spec.rb
index 6f6c70e3453..b7ecb9d1972 100644
--- a/spec/views/users/two_factor_authentication_setup/index.html.erb_spec.rb
+++ b/spec/views/users/two_factor_authentication_setup/index.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'users/two_factor_authentication_setup/index.html.erb' do
+RSpec.describe 'users/two_factor_authentication_setup/index.html.erb' do
   include Devise::Test::ControllerHelpers
 
   subject(:rendered) { render }
diff --git a/spec/views/users/webauthn_setup/new.html.erb_spec.rb b/spec/views/users/webauthn_setup/new.html.erb_spec.rb
index a9a3f515c6e..a9975da6509 100644
--- a/spec/views/users/webauthn_setup/new.html.erb_spec.rb
+++ b/spec/views/users/webauthn_setup/new.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'users/webauthn_setup/new.html.erb' do
+RSpec.describe 'users/webauthn_setup/new.html.erb' do
   let(:user) { create(:user, :fully_registered) }
 
   context 'webauthn platform' do
diff --git a/spec/views/vendor_outage/show.html.erb_spec.rb b/spec/views/vendor_outage/show.html.erb_spec.rb
index 1a479a63f7e..d5088073347 100644
--- a/spec/views/vendor_outage/show.html.erb_spec.rb
+++ b/spec/views/vendor_outage/show.html.erb_spec.rb
@@ -1,6 +1,6 @@
 require 'rails_helper'
 
-describe 'vendor_outage/show.html.erb' do
+RSpec.describe 'vendor_outage/show.html.erb' do
   let(:show_gpo_option) { false }
 
   subject(:rendered) { render }