SAIB Mobile API integration & KSA OpenBanking

OpenData · OpenFinance · OpenBanking · Protocol analysis

Connect SAIB Mobile accounts, cards, finance products and loyalty data to your stack — safely

SAIB Mobile (com.saib.mobile.retail) is the Saudi Investment Bank retail app: dashboard balances, local and international transfers, mada/travel/credit card management, personal and home finance, investment portfolio and IPO subscriptions, plus a points-based loyalty marketplace. We deliver protocol analysis, authorization flows and statement APIs that mirror these screens and align with the SAMA Open Banking Framework so a third party can query consented financial data through a clean interface.

Account & balance APIs — Read current account, additional accounts and dashboard balances; use for daily cash-position checks and treasury dashboards.

Transaction statement APIs — Paged, date-ranged transaction history with merchant, channel and category fields; export to JSON, Excel or PDF for bookkeeping and reconciliation.

Card & finance data — mada, travel and credit card balances and transactions, spending limits, plus loan and home-finance repayment schedules for credit monitoring.

Investments & loyalty — Portfolio holdings, fund subscriptions, IPO activity and loyalty points/redemptions, surfaced for wealth dashboards and rewards reconciliation.

SAIB Mobile in the Saudi open banking landscape

The Saudi Investment Bank (SAIB, "البنك السعودي للاستثمار") rebuilt its retail app — published on Google Play as SAIB Mobile under the identifier com.saib.mobile.retail — around quick biometric login (Face ID, Touch ID, passcode), a consolidated dashboard, and instant in-app account opening. Recent store releases through 2025 have continued shipping interface refinements, Apple Wallet card provisioning and stability fixes, signalling an actively maintained product rather than a legacy build. That matters for integration: a modern, regularly updated client typically sits on consistent backend APIs, which makes protocol analysis and long-lived connectors far more dependable.

SAIB is also a participant in the Kingdom's regulated open banking programme. The Saudi Central Bank (SAMA) launched the Open Banking Framework in November 2022 starting with Account Information Services, and in September 2024 issued an update covering Payment Initiation Services. SAIB exposes a developer portal at developer.saib.com.sa/open-banking with sandbox and production endpoints, mutual-TLS security, X.509 client certificates, PSD2-style Strong Customer Authentication, consent management and Third-Party Provider verification. Where a use case fits those official rails, we build directly on them; where a client needs data that the public APIs do not yet cover, we deliver authorized protocol-analysis connectors that follow the same consent and security patterns.

This page explains, in OpenData / OpenFinance / OpenBanking terms, exactly which SAIB Mobile data can be integrated, the end-to-end scenarios it unlocks, how the technical implementation looks, and how we keep everything inside Saudi regulatory expectations. It also lists comparable Saudi banking apps so teams running multi-bank integrations can see where SAIB Mobile fits.

What we deliver

Deliverables checklist

API specification in OpenAPI / Swagger form, covering login, accounts, transactions, cards, finance and loyalty resources
Protocol and authorization report: token lifecycle, refresh flow, mTLS / certificate chain, consent scopes
Runnable source code for account, statement and card endpoints in Python and Node.js (Go on request)
Automated test suite, sandbox fixtures and Postman / HTTP collection
Compliance pack: SAMA Open Banking alignment notes, consent and SCA handling, data-minimization and retention guidance
Operations notes: rate limits, pagination, error codes, retry and idempotency strategy

Two engagement models

Source code delivery from $300: we hand over runnable API source code plus full documentation and tests; you pay after delivery once you are satisfied.

Pay-per-call hosted API: connect to our managed endpoints and pay only for the calls you make, with no upfront fee — suited to teams that prefer usage-based pricing or want to validate a flow before committing to a full build.

Both models support Android and iOS targets and ship with the same documentation and test plan.

Data available for integration (OpenData perspective)

The table below maps the structured data inside SAIB Mobile to the screen it comes from, the practical granularity, and the kind of downstream use it supports. It is derived from the published app description and SAIB's open banking documentation; the exact fields available in a given engagement depend on consent scope and whether official APIs or authorized protocol analysis are used.

Data type	Source (screen / feature)	Granularity	Typical use
Account balances & account list	Dashboard, Account & Profile Management	Per account, near real-time snapshot	Cash-position dashboards, treasury, affordability checks
Transaction history / statements	Dashboard, account detail, statement export	Per transaction: date, amount, currency, counterparty, channel, category; paged by date range	Bookkeeping, reconciliation, expense analytics, AML/risk screening
Transfers & payments	Transfers & Payments (local, international, bill pay, recurring)	Per payment instruction and status; beneficiary list	Payment initiation, payout reconciliation, recurring-payment monitoring
Card data	Card Management (mada, travel, credit cards)	Per card: masked PAN, status, balance, available limit, transactions, spending limits	Card-spend analytics, fraud signals, limit and lifecycle automation, Apple Wallet provisioning context
Finance products	Finance Products (personal & home finance, refinance, settlements)	Per facility: principal, outstanding, repayment schedule, overdue status	Credit monitoring, debt-service ratio, early-settlement modelling, lending decisioning
Investment portfolio	Investment Services (portfolio, funds, IPO subscriptions, market updates)	Per holding: instrument, units, value; subscription orders and status	Wealth dashboards, performance reporting, portfolio aggregation
Loyalty & marketplace	Marketplace & Loyalty Program	Points balance, accrual and redemption history, available rewards/vouchers	Rewards reconciliation, loyalty analytics, partner-offer matching
Profile & preferences	Account & Profile Management, Contact & Help Center	Customer profile attributes, app preferences, support ticket status	KYC enrichment, onboarding automation, support-desk integration

Typical integration scenarios

Each scenario names the business context, the SAIB Mobile data or API involved, and how it maps to OpenData / OpenFinance / OpenBanking patterns.

1. Accounting & ERP reconciliation

Context: a Saudi SME wants its SAIB current account and card spend reflected automatically in its accounting suite. Data/API: the account list and transaction statement endpoints, pulled nightly with a date-range cursor. OpenFinance mapping: a SAMA-style Account Information consent grants read-only access; transactions are normalized to a ledger schema and pushed to the ERP, eliminating manual statement uploads.

2. Personal finance & account aggregation

Context: a budgeting app shows a customer all their balances across SAIB and other Saudi banks. Data/API: balances, categorized transactions, card limits and loan schedules. OpenBanking mapping: the customer authorizes data sharing through SAIB Mobile or internet banking; the aggregator reads via consented AIS scopes and refreshes on a schedule, with the customer able to revoke at any time.

3. Lending & affordability decisioning

Context: a lender or BNPL provider needs verified income and obligations before approving credit. Data/API: 6–12 months of transaction statements plus existing finance-product repayment schedules and overdue flags. OpenFinance mapping: a time-boxed consent returns the data; we compute inflow stability and debt-service ratios server-side so the lender only stores derived scores, not raw statements.

4. Treasury & multi-account dashboards

Context: a corporate finance team monitors several SAIB accounts plus cards in one screen. Data/API: account balances polled intraday, transaction deltas, and a webhook for new postings. OpenData mapping: a Client App → Ingestion API → time-series store → BI layer pipeline turns raw postings into liquidity and burn-rate views.

5. Loyalty & rewards reconciliation

Context: a partner running a co-branded offer needs to confirm point accrual and redemption against SAIB's loyalty marketplace. Data/API: loyalty points balance, accrual/redemption history and available vouchers. OpenData mapping: a periodic export feeds a reconciliation job that matches partner-side transactions to bank-side point events and flags discrepancies.

Technical implementation

The snippets below are illustrative request/response shapes for a consent-based integration. Real endpoints, headers and field names are confirmed during protocol analysis and aligned with SAIB's published open banking specification; authentication uses OAuth-style access tokens over mutual TLS.

A. Authorize & obtain an access token

// Step 1: exchange an authorization grant for a scoped token (pseudocode)
POST /open-banking/oauth2/token
Content-Type: application/x-www-form-urlencoded
// mutual TLS: client presents its X.509 certificate

grant_type=authorization_code
&code=<AUTH_CODE_FROM_CUSTOMER_CONSENT>
&redirect_uri=https://app.example.com/callback
&client_id=<TPP_CLIENT_ID>

200 OK
{
  "access_token": "<ACCESS_TOKEN>",
  "token_type": "Bearer",
  "expires_in": 900,
  "refresh_token": "<REFRESH_TOKEN>",
  "scope": "accounts:read transactions:read cards:read",
  "consent_id": "cns_8f21a0"
}

B. Fetch a transaction statement

// Step 2: paged transaction history for a consented account
GET /open-banking/accounts/{accountId}/transactions
  ?fromBookingDate=2026-03-01
  &toBookingDate=2026-03-31
  &page=1&pageSize=100
Authorization: Bearer <ACCESS_TOKEN>
x-consent-id: cns_8f21a0

200 OK
{
  "accountId": "SA03-XXXX-1042",
  "currency": "SAR",
  "page": 1, "pageSize": 100, "totalPages": 3,
  "transactions": [
    {
      "transactionId": "txn_55012",
      "bookingDate": "2026-03-04",
      "valueDate": "2026-03-04",
      "amount": -239.50, "currency": "SAR",
      "creditDebit": "DEBIT",
      "channel": "POS", "category": "groceries",
      "counterparty": "Carrefour Riyadh",
      "balanceAfter": 8421.10
    }
  ]
}

C. Card list & webhook for new postings

// Cards with limits (pseudocode)
GET /open-banking/cards
Authorization: Bearer <ACCESS_TOKEN>

200 OK
{ "cards": [
  { "cardId":"crd_7781","type":"mada","maskedPan":"•••• 4417",
    "status":"ACTIVE","availableLimit":3500.00,"currency":"SAR" },
  { "cardId":"crd_8820","type":"credit","maskedPan":"•••• 9032",
    "status":"ACTIVE","creditLimit":20000.00,"outstanding":4310.75 }
]}

// Webhook delivered to your endpoint when a new transaction posts
POST https://app.example.com/hooks/saib
X-Signature: sha256=<HMAC>
{ "event":"transaction.created","accountId":"SA03-XXXX-1042",
  "transactionId":"txn_55013","amount":-89.00,"currency":"SAR" }

// Error handling: 401 -> refresh token; 403 consent_expired -> re-consent;
// 429 -> honour Retry-After; 5xx -> exponential backoff with idempotency key

Data flow / architecture

A typical SAIB Mobile integration runs as a short pipeline: Client App / SAIB OpenBanking endpoint → Ingestion & auth service (handles consent, token refresh, mTLS, rate limiting) → Normalization & storage (canonical account/transaction/card schema in an encrypted store) → Delivery layer (your REST API, scheduled file export, or BI/analytics feed). Webhooks push new postings into the same pipeline so downstream systems stay current without polling, and every hop is logged for audit. Sensitive fields are tokenized or masked at ingestion, and retention windows are configurable per data type.

Compliance & privacy

Regulatory alignment

Integrations follow the Saudi Central Bank (SAMA) Open Banking Framework — launched for Account Information Services in November 2022, extended to Payment Initiation Services in September 2024 — which mandates explicit customer consent, Strong Customer Authentication, Third-Party Provider verification and standardized APIs. SAIB's own developer portal secures access with mutual TLS and X.509 client certificates. We also align handling with Saudi Arabia's Personal Data Protection Law (PDPL) and, for cross-border or EU-touching flows, with PSD2/GDPR-equivalent practices. Background reading: Open banking (Wikipedia).

How we keep data safe

Authorized or documented public APIs only — no unauthorized access
Scoped, time-boxed consent; tokens refreshed, never over-collected
Full request/response logging and tamper-evident audit trail
Data minimization: store only what the use case needs, masked or tokenized at rest
Configurable retention and deletion; NDA and DPA available
Consent revocation honoured immediately, mirroring the in-app control

Market positioning & user profile

SAIB Mobile is a B2C retail banking app whose primary users are Saudi Investment Bank personal customers in the Kingdom of Saudi Arabia — salaried professionals, families managing mada and credit cards, home- and personal-finance borrowers, and retail investors subscribing to funds and IPOs — plus a smaller segment opening additional accounts and using the loyalty marketplace. The platform focus is mobile-first on both Android (com.saib.mobile.retail) and iOS, with biometric login and Apple Wallet provisioning as standard. The most interested integration buyers are fintechs, accounting and ERP vendors, lenders and BNPL providers, account-aggregation and PFM apps, and corporate treasury teams that need SAIB data alongside other Saudi banks — exactly the audience the SAMA open banking programme was designed to serve.

Screenshots

App screenshots from the public store listing. Click any thumbnail to view a larger version.

Similar apps & integration landscape

Teams integrating SAIB Mobile often work with other Saudi banking and payments apps too. The apps below sit in the same ecosystem; we list them only to map the landscape, not to rank them.

Al Rajhi Bank app — the world's largest Islamic bank's retail app, holding Shariah-compliant account, card and financing data; teams who use Al Rajhi alongside SAIB often want unified transaction exports across both.
SNB Mobile (Saudi National Bank) — one of the most-used Saudi banking apps, with balances, local/international transfers and card data that pairs naturally with SAIB in account-aggregation projects.
Riyad Bank app — broad retail and digital services with rich transaction and card histories; a common second source in multi-bank reconciliation.
Alinma Bank app — Shariah-compliant retail and corporate banking; corporate users frequently need Alinma and SAIB statements in one ledger feed.
Bank Albilad app — retail accounts, cards and Tayseer financing data, often consolidated with SAIB for PFM dashboards.
Banque Saudi Fransi (BSF) app — retail and wealth banking data; relevant when investors hold portfolios across BSF and SAIB.
Arab National Bank (ANB) app — accounts, cards and financing records that appear alongside SAIB in treasury and lending use cases.
STC Bank — a mobile-first digital bank whose wallet and account data is often aggregated with traditional banks like SAIB.
D360 Bank — a digital-only Saudi bank; its account and spend data is a frequent companion in open-banking aggregation flows.
urpay — a popular Saudi digital wallet whose top-up and payment history is commonly merged with bank statements for a full spending picture.

About us

We are an independent technical studio focused on app interface integration and authorized API work for fintech and banking products. Our engineers come from retail banks, payment gateways, protocol-analysis teams and cloud platforms, and we have hands-on experience with open banking programmes across the Gulf and beyond.

Coverage: digital banking, cards, lending, wealth, and loyalty/rewards integrations
Enterprise API gateways, security reviews and consent management design
Custom Python / Node.js / Go SDKs, test harnesses and sandbox fixtures
Full pipeline: protocol analysis → build → validation → compliance documentation
Source code delivery from $300 — runnable API source plus documentation; pay after delivery upon satisfaction
Pay-per-call hosted API — access our endpoints and pay only per call, no upfront cost

Contact

Send us your target app and requirements — for SAIB Mobile that means which data you need (balances, statements, card transactions, loan schedules, investments, loyalty points), the volume, and any sandbox or TPP onboarding you already hold. We reply with scope, timeline and a quote.

Contact page

Engagement workflow

Scope confirmation: target screens, data types and API needs (login, accounts, statements, cards, finance, loyalty).
Protocol analysis and API design — 2–5 business days depending on complexity.
Build and internal validation against sandbox or authorized endpoints — 3–8 business days.
Documentation, sample code and test cases — 1–2 business days.
Typical first delivery: 5–15 business days; regulator or third-party approvals may extend the timeline.

FAQ

What do you need from me to start a SAIB Mobile integration?

The target app name (SAIB Mobile, package com.saib.mobile.retail), the concrete data you want — for example account balances, transaction statements, card transactions, loan schedules or loyalty points — and any authorized sandbox credentials, mTLS certificates or TPP onboarding you already hold with the bank.

How long does delivery take?

A first API drop with documentation usually takes 5 to 15 business days. Account information and statement endpoints are fastest; payment initiation, webhook delivery and multi-account corporate flows can take longer, and any third-party or regulator approval may extend the timeline.

How do you handle compliance and customer consent?

We work only against authorized or documented public APIs, aligned with the SAMA Open Banking Framework: explicit customer consent, Strong Customer Authentication, scoped access tokens, full request logging, data minimization and configurable retention. We sign NDAs and provide consent and audit records on request.

Do you deliver source code or a hosted API?

Both. Source code delivery starts at $300 — you receive runnable Python or Node.js code, an OpenAPI specification and documentation, and pay after delivery once you are satisfied. Alternatively you can use our hosted endpoints and pay per call with no upfront fee.

📱 Original app overview — SAIB Mobile (appendix)

SAIB Mobile is the Saudi Investment Bank's all-new retail mobile banking app, designed with a sleek, intuitive interface to deliver banking at your fingertips — at home, at work, or on the go — for seamless, secure and swift financial management.

Registration & setup: seamless in-app registration, then quick login via Face ID, Touch ID or a secure passcode; credentials can be saved for faster future access.
Login options: traditional username and password, or faster biometric / PIN logins.
Dashboard: view account balances, monitor transactions, pay bills and transfer money to favourite beneficiaries from one screen.
Account & profile management: manage settings and preferences, customize the app theme, and open new additional accounts instantly in-app.
Transfers & payments: transfer funds locally and internationally, quick transfers, bill payments for utilities and government services, and managed recurring payments.
Card management: manage mada, travel and credit cards in one place — balances, transaction history, activate/block cards, add cards to Apple Wallet, control spending limits and PIN settings.
Finance products: overview of current loans, repayment schedules and details; apply for personal or home finance, refinance, handle overdue payments and early settlements.
Investment services: view your investment portfolio, market updates, IPO subscriptions and subscribe to new funds in a few taps.
Contact & help center: live chat support, FAQ on accounts, transactions and cards, and the ability to submit and track requests or complaints.
Marketplace & loyalty program: track points, view and redeem rewards for travel miles, cash or exclusive offers, and explore gift vouchers and partner deals.

SAIB Mobile is published on Google Play under com.saib.mobile.retail and on the App Store as "SAIB Mobile"; recent 2025 releases have shipped interface improvements and stability fixes. This page is an independent technical-integration analysis and is not affiliated with or endorsed by the Saudi Investment Bank.