Mi Banco API integration & OpenFinance Chile services

OpenData · OpenFinance · Protocol analysis · Chilean banking

Connect Mi Banco accounts, balances, statements and Mi Pass authorization to your stack

Mi Banco is the official mobile channel of Banco de Chile, one of Chile's three largest financial institutions, with a checking-account, credit-card and bill-payment dataset that is highly relevant for fintech, ERP and treasury platforms. We build Mi Banco protocol analysis, login flows, transaction and statement APIs, and Mi Pass strong-customer-authentication adapters so your platform reads and acts on Banco de Chile data using a clean, modern interface.

Account and card balances — Read CLP and USD checking accounts, line-of-credit utilization and credit-card balances with intraday refresh.

Transaction history & statements — Paged transaction queries by date range, currency or counterparty, with JSON, CSV and PDF export for accounting reconciliation.

Transfers & bill payments — Initiate third-party transfers, credit-card pay-down and Cuentas de Servicio (utility) payments through a unified payload.

Mi Pass authorization — Strong-customer-authentication adapter that replaces DigiPass and binds operations to the registered device using the customer's MI PIN.

Why Mi Banco data matters for OpenFinance integrations

Banco de Chile reaches millions of retail and SME customers through Mi Banco and the parallel Banco Edwards channel, and the dataset behind that experience covers the full lifecycle of a Chilean banking relationship: identity, deposit accounts, credit cards, lines of credit, recurring utility bills, transfer beneficiaries and ATM operations. For aggregators, accounting platforms and treasury teams, that is exactly the spine of data needed to reconcile invoices, run cash-flow forecasts and enrich risk models.

The Comisión para el Mercado Financiero (CMF) published the implementing regulation for the Sistema de Finanzas Abiertas (SFA) under Chile's Fintech Law (Ley 21.521). Once the SFA enters force in mid-2026, banks such as Banco de Chile will be obligated to expose user-consented APIs across deposit accounts, payment accounts, credit products and payment initiation. We design integrations that work today and slot directly into the SFA rails as banks roll them out.

Until the SFA is fully live, we work with documented Mi Banco protocols, signed customer authorizations and Banco de Chile's API developer portal sandbox so your platform never relies on undocumented or unstable workarounds.

What we deliver

Deliverables checklist

OpenAPI 3.1 specification covering login, accounts, statements and Mi Pass
Protocol and auth-flow report (token chain, header signing, device binding)
Runnable Python 3.11 + Node.js 20 source packages with retry and rate-limit logic
Postman / Bruno collection and integration test cases
Compliance matrix for Ley Fintec, Law 19.628 and CMF Circular requirements
Operational runbook for token rotation, Mi Pass re-enrolment and incident response

Engagement options

Source code delivery from $300 — runnable API source plus full documentation; pay after delivery upon satisfaction
Pay-per-call hosted API — connect to our managed gateway and pay only for successful calls; ideal for usage-based pricing
Custom retainers — multi-bank pipelines that combine Mi Banco with BancoEstado, BCI or Santander Chile under a single client SDK

Recent feature coverage

Our adapters track Mi Banco's recent product evolution so customers do not need to re-implement against deprecated paths.

Mi Pass replacing the physical DigiPass token (2024)
One-time registration plus 5-digit MI PIN login
Improved card-blocking and lost-device recovery flows
Card-free ATM withdrawal codes for third parties

Data available for integration

The following data domains are reachable through Mi Banco's authenticated mobile channel and, in parallel, through the CMF Open Finance taxonomy. Each row maps the data type back to the screen or feature inside Mi Banco that produces it, so audits remain traceable from the API back to the customer experience.

Data type	Source feature	Granularity	Typical use
Identity & profile	Login + Mi Pass enrolment	National ID (RUT), masked email and mobile, customer segment	KYC sync, beneficial-ownership refresh, fraud-risk scoring
Account balances	"Saldos" home screen	Available, ledger and overdraft balances per CLP / USD account	Cash-flow dashboards, treasury sweeps, alerting
Transaction history	"Cartolas" and "Últimos movimientos"	Per transaction: date, amount, counterparty, channel, reference	Reconciliation, accounting export, expense categorisation
Credit cards & line of credit	"Tarjetas de crédito" and "Línea de crédito"	Statement period, minimum due, used credit, instalment plan	Card management, dunning, instalment repayment APIs
Bills & service payments	"Pago de cuentas / servicios"	Biller code, account number, amount, due date	Utility-pay aggregators, receivables collection, recurring billing
Transfer beneficiaries	"Transferencias a terceros"	Beneficiary RUT, bank, account type, alias	Mass-payment validation, payroll routing, AML screening
ATM & card-free withdrawals	"Giro sin tarjeta"	Withdrawal code, amount, expiry, claimed-by RUT	P2P cash distribution, on-demand worker payouts
Authorization events	Mi Pass authorization log	Operation type, device fingerprint, timestamp, decision	Audit trail, fraud analytics, dispute resolution

Typical integration scenarios

1. SME accounting reconciliation

A Chilean ERP needs daily statement-level reconciliation against invoices issued through the SII. We pull Últimos movimientos for each linked Banco de Chile account, normalise the description field, and post a webhook to the ERP whenever the matching engine confirms a payment. The data path maps directly to the SFA "deposit account" category in CMF rules, so no schema changes are required when the bank goes live with its SFA endpoint.

2. Treasury sweep across multiple banks

A corporate treasury team aggregates Mi Banco balances together with BancoEstado, BCI and Santander Chile in a single dashboard. The Mi Banco adapter polls intraday balance, and a transfer-initiation call moves funds back to the master account whenever the daily threshold is breached. Mi Pass authorization is invoked transparently for every initiation request.

3. Consumer personal-finance app

A neobank-style PFM in Santiago wants to display all of a user's Banco de Chile accounts and credit cards beside Mach, Tenpo and Mercado Pago Chile balances. Our SDK handles the consent capture, persists the refresh token in an encrypted vault, and re-runs Mi Pass when the user authorises a high-risk action like changing the saved beneficiary list.

4. AML / risk scoring pipeline

A regtech firm needs counterparty graphs derived from real banking flows. Statement and beneficiary data from Mi Banco feed a graph database, and a daily job builds risk scores fed back to underwriters. Logging, consent records and data-minimisation are aligned with Law 19.628 and the CMF privacy guidance for the SFA.

5. Embedded card-free ATM payouts

A gig-economy platform pays workers using Banco de Chile's card-free ATM feature. The platform calls a single endpoint with worker RUT and amount, receives a withdrawal code and expiry, and ships the code to the worker over SMS or in-app push. Reconciliation events arrive over a webhook the moment the worker completes the cash collection.

Technical implementation

Below are representative request/response shapes that mirror the Mi Banco mobile protocol, simplified for documentation. Real production payloads include device binding, request signing and Mi Pass challenges; details are covered in the deliverables package.

Login & session creation

POST /api/v1/mibanco/session
Content-Type: application/json
X-Device-Id: 9f1e-…-c7

{
  "rut": "12.345.678-9",
  "mi_pin": "<5-digit MI PIN, encrypted>",
  "device_fingerprint": "<hash>"
}

200 OK
{
  "access_token": "eyJhbGciOi…",
  "refresh_token": "rt_…",
  "expires_in": 900,
  "mi_pass_required": false,
  "customer_segment": "personas"
}

Statement query

POST /api/v1/mibanco/statement
Authorization: Bearer <ACCESS_TOKEN>
Content-Type: application/json

{
  "account_id": "00-123-45678-90",
  "currency": "CLP",
  "from_date": "2026-04-01",
  "to_date":   "2026-04-30",
  "page": 1,
  "page_size": 100
}

200 OK
{
  "account_id": "00-123-45678-90",
  "page": 1, "total_pages": 3,
  "transactions": [
    {
      "date": "2026-04-08",
      "description": "TRANSF DESDE 76.543.210-K",
      "amount": 1450000, "currency": "CLP",
      "balance_after": 8421500,
      "channel": "TEF",
      "reference": "MB-2026040800012"
    }
  ]
}

Transfer with Mi Pass authorization

POST /api/v1/mibanco/transfer
Authorization: Bearer <ACCESS_TOKEN>
X-MiPass-Token: <authorization-token from Mi Pass>

{
  "from_account": "00-123-45678-90",
  "to_account":   "00-987-65432-1",
  "to_bank":      "BANCO_ESTADO",
  "amount":       250000,
  "currency":     "CLP",
  "comment":      "Servicios abril 2026"
}

202 Accepted
{
  "transfer_id": "tr_01HZ…",
  "status": "PENDING_AUTHORIZATION",
  "auth_url": "mibanco://authorize?req=…"
}

// Webhook on completion
POST <your endpoint>
{
  "event": "transfer.completed",
  "transfer_id": "tr_01HZ…",
  "settled_at": "2026-05-10T13:42:11Z",
  "fee": 0
}

Compliance & privacy

Regulations we map against

Ley 21.521 (Ley Fintec) and the CMF's Sistema de Finanzas Abiertas regulation
Law 19.628 on the protection of personal data, including the 2024 amendments raising it closer to GDPR-style standards
CMF banking and IT-risk circulars (operational risk, third-party access, incident reporting)
PCI DSS controls on any path that touches PAN, expiry or CVV
OAuth 2.1 + FAPI 2.0 alignment for consent, token binding and request signing

How we operate

Every integration ships with a consent ledger that records who authorised what data, for which purpose and for how long. Refresh tokens are stored encrypted, with key rotation handled at the gateway. We never bypass Mi Pass when the bank requires it, and we never persist credentials beyond the minimum needed to complete a session. Authorized data-extraction work always requires the customer's signed mandate; we do not provide tooling for unauthorised access to third-party accounts.

Data flow / architecture

A Mi Banco integration follows a four-stage pipeline that keeps user-facing latency low while remaining auditable end-to-end.

1. Client app or backend initiates a request, capturing user consent and a fresh device fingerprint.
2. Ingestion / API gateway performs request signing, rate-limiting and Mi Pass authorization brokerage; emits structured logs for every call.
3. Storage & normalisation writes the raw response to encrypted object storage and a normalised record to a transactional store keyed by RUT and account identifier.
4. Analytics or downstream API output exposes the cleaned data over your own gRPC, REST or Kafka channels, so consumer teams never talk to the bank directly.

Market positioning & user profile

Mi Banco is used by retail customers, professionals and small businesses across Chile, with deeper penetration in the Región Metropolitana and the country's largest urban centres. Banco de Chile is one of the country's three systemic banks (alongside BancoEstado and Santander Chile) and consistently ranks in the top tier of the Chilean finance app charts on Google Play, with the Mi Pass companion app now serving as the default authorization tool. The product is mobile-first, with iOS and Android parity, and is increasingly bundled with the Banco Edwards channel inside the same parent organisation. For integration buyers, the most interesting segments are SME owners (cash flow and reconciliation), corporates (treasury sweeps), and consumer fintechs that want a unified balance and transaction view across traditional banks and digital wallets.

Screenshots from Mi Banco

Tap any thumbnail for a larger view. These are the official Google Play screenshots used to identify the product surfaces our APIs map against.

Similar apps & the Chilean integration landscape

Customers who integrate Mi Banco frequently work with one or more of the following apps. Each holds a different slice of the same Chilean financial graph, and our pipeline treats them as natural neighbours rather than competitors. Listing them here helps teams searching for any of these names land on a page that already covers their unified-integration question.

BancoEstado — State-owned bank with the largest Chilean retail footprint; transactions, RUT-linked accounts and CuentaRUT are common reconciliation targets alongside Mi Banco.

Santander Chile — One of the largest private banks; integrators pair Mi Banco data with Santander statement and card APIs for multi-bank dashboards.

BCI — Operates a developer portal and the MACH wallet; useful when a fintech wants both a traditional and a digital-wallet view of the same customer.

Scotiabank Chile — Strong on credit-card data and SME accounts; combined with Mi Banco it gives a full picture of household credit utilisation.

Banco Itaú Chile — Owner of the Itú neobank; common in higher-income personal-finance segments where Mi Banco is one of several linked accounts.

Banco Falabella — Retail-bank and CMR Falabella card data; particularly relevant for retail-finance and loyalty integrations.

Banco Ripley — Retail bank tied to the Ripley group; often appears in cross-bank consumer-credit aggregations.

Mach — Digital wallet from BCI; aggregators routinely combine Mach top-up flows with Mi Banco transfers.

Tenpo — Credicorp-owned digital account; popular with un- and under-banked users who also hold a Banco de Chile relationship.

Mercado Pago Chile — Mercado Libre's wallet; QR and in-app payments are commonly reconciled against Mi Banco statements.

About OpenFinance Lab

We are an independent studio focused on fintech and open-data API integration. The team brings together engineers from Latin American banks, payment gateways, mobile-protocol research and cloud platforms. We know what Banco de Chile, the CMF and NPCI-style ecosystems expect, and we ship end-to-end financial APIs under security and compliance constraints.

Payments, digital banking, insurtech and cross-border clearing
Enterprise API gateways and security reviews
Custom Python, Node.js and Go SDKs and test harnesses
Pipeline: protocol analysis → build → validation → compliance
Source-code delivery from $300 — runnable API source plus docs; pay after delivery upon satisfaction
Pay-per-call hosted API — usage-based pricing, no upfront cost

Contact

Send us the target app name (Mi Banco), the data domains you need, the user-segment scope and any sandbox credentials you already have. We respond with a scoped quote and a delivery plan.

Contact page

Engagement workflow

Scope confirmation: integration scenarios and API needs (login, statements, transfers, Mi Pass).
Protocol analysis and API design (2–5 business days, complexity-dependent).
Build and internal validation against sandbox or authorised test accounts (3–8 business days).
Documentation, samples, Postman collections and test cases (1–2 business days).
Typical first delivery: 5–15 business days; CMF or third-party approvals may extend timelines.

FAQ

What do you need from me to start a Mi Banco integration?

The target app name (Mi Banco), your concrete needs (e.g. transaction history sync, balance polling, statement export, Mi Pass authorization), the user-segment scope (retail, SME or corporate), and any existing internal credentials, sandbox tokens or open-banking consents you already hold.

How long does delivery take for a Banco de Chile API integration?

A first runnable API drop with documentation usually lands in 5 to 12 business days. More complex stacks that include multi-account corporate support, Mi Pass MFA flows or Open Finance consent management can take 3 to 5 weeks.

How do you handle compliance with the Chilean Fintech Law and CMF rules?

We work strictly under user consent, documented public APIs, or contracted data-access flows. Implementations are aligned with the CMF Open Finance System (Sistema de Finanzas Abiertas), Ley Fintec data-sharing principles, Law 19.628 on personal data protection, and standard PCI DSS controls for any card-data path.

Can you integrate Mi Pass for transaction authorization?

Yes. We mirror the Mi Pass authorization handshake (registration, device binding, 5- or 6-digit PIN challenge and replacement of the legacy DigiPass token) so your backend can request and receive an authorization decision without forcing customers off your own UI.

Original app overview (appendix)

With Mi Banco from Banco de Chile, you can carry out your banking transactions quickly, simply, and securely. The app meets high security standards designed to protect your data and device.

Check the balance and latest transactions on your accounts and credit cards, transfer funds to third parties, pay your cards and the amount used on your credit line. You can also pay your utility bills.

Send money to a third party for card-free withdrawals from any Banco de Chile ATM.

Banco de Chile invites users to enjoy a new experience: download the app, register once, and then log in with just a 5-digit MI PIN.

As a complement, customers can download the Mi Pass app. With Mi Pass, you authorize transactions securely and without needing to use the legacy DigiPass, simplifying banking operations with confidence and security.

Package ID: cl.bancochile.mi_banco
Platforms: Android (Google Play) and iOS (App Store)
Operator: Banco de Chile (parent of the Banco Edwards brand)
Companion app: Mi Pass for strong-customer authorization