Savers Bank Mobile Banking API & FDX Open Banking

OpenData · OpenBanking · FDX · Protocol analysis · Community bank

Connect Savers Bank Mobile Banking accounts, transactions, and deposit flows to your stack — safely

We deliver Savers Bank Mobile Banking protocol analysis, fingerprint and Face ID compatible authorization flows, account and balance queries, transaction history APIs, mobile deposit submission, and Bill Pay management. Integrations follow the Financial Data Exchange (FDX) patterns recognised in January 2025 by the CFPB as the US open banking standard, so the data fits cleanly into existing aggregator and PFM pipelines.

Account login APIs — Mirror app authorization (multi-factor, Touch ID / Face ID, session refresh): bind end users, manage tokens, expose enrolment for Bill Pay and Mobiliti / CardValet.

Statement & transaction APIs — Past 90 days of transactions grouped by month, cleared check image references, paging and date filters, JSON / CSV / PDF exports for reconciliation.

Mobile Deposit APIs — Submit U.S. personal and business check images 24/7, retrieve Deposit History, and surface acceptance / hold status for downstream accounting.

Self-service banking — Stop payments, secure messaging, debit card enable/disable, alert management and external account linking exposed as discrete REST endpoints.

Data available for integration

The Savers Bank Mobile Banking app sits on top of a US community bank core (the bank is in the middle of a multi-year core upgrade announced on its public site) and exposes meaningful structured data through screens that we can refactor into clean OpenData endpoints. The table below is derived from the published feature list and from comparable FDX core-banking integrations seen in the 2025 cycle.

Data type	Source / screen	Granularity	Typical use
Account list & balances	Accounts & Fast Balances widget	Per account, current + available balance	PFM dashboards, treasury views, small-business cash position
Transaction history	Account transactions (past 90 days)	Per transaction: date, amount, description, posting status	Reconciliation, accounting sync, expense categorisation
Cleared check images	Check image viewer	Per check: image URL, amount, payee, date	Audit, dispute resolution, document archival
Transfers & loan payments	Transfers screen (immediate, future, recurring)	Per transfer: source/dest, amount, schedule, principal-only flag	Loan amortisation tracking, automated treasury moves
Bill Pay records	Bill Pay screen	Payee, amount, due date, status, recurrence	AP automation, vendor reconciliation, cash-out forecasting
Mobile Deposit history	Deposit History button	Per deposit: image, amount, hold status, account credited	Receivables tracking, fraud monitoring
Card & alert state	Self-service banking	Card enabled/disabled, alert subscriptions	Risk control, real-time fraud notification webhooks
Branch / ATM directory	Locations search by ZIP	Per location: address, hours, services	Customer-facing locators, in-app routing

Typical integration scenarios

1. Accounting & reconciliation sync

A small business banking with Savers Bank pulls daily transaction lines and cleared-check images into QuickBooks Online, Xero or NetSuite. The integration uses the /accounts, /accounts/{id}/transactions and /checks/{id}/image endpoints we expose, mapped to FDX Transaction and Statement resources. We typically run a nightly sync plus an on-demand refresh button so finance teams stop re-keying memos.

2. PFM and household dashboards

A regional fintech aggregates Savers Bank checking, savings and loan accounts inside a Plaid- or MX-style household view. Because Savers Bank uses MX as a connectivity partner on its consumer site, our delivery includes both a direct mobile-protocol connector and an MX-fallback layer, so connection success rates stay above 95% even when one path degrades.

3. Lending & cash-flow underwriting

A lender ingests 12 to 24 months of transaction history, paystub-like recurring credits, and overdraft frequency to underwrite a personal or small-business loan. We package this as a one-off statement export plus an ongoing /cashflow endpoint that returns derived KPIs (income volatility, NSF count, average daily balance), modelled on FDX 6.x payroll/income extensions.

4. Real-time card & alert webhooks

For a fraud-monitoring product, we expose card state changes (Mobiliti / CardValet enable/disable), large-transaction alerts and login push notifications as webhooks. Each event is signed with HMAC-SHA256 so downstream services can trust it without re-querying the bank, and replays are idempotent thanks to a deterministic event_id.

5. Mobile Deposit pipeline for marketplaces

An invoicing / marketplace platform lets sellers submit checks once and have the image flow into Savers Bank's Mobile Deposit endpoint while keeping a copy in S3 for the seller's records. The same flow surfaces Deposit History so the platform can reflect "deposited / on hold / cleared" states inside its own UI.

Technical implementation

Authorize a user (token bind)

// POST /api/v1/saversbank/auth/login
// Mirrors the Mobile Banking app's MFA + biometric flow.
POST /api/v1/saversbank/auth/login
Content-Type: application/json

{
  "username": "user@example.com",
  "password": "<encrypted>",
  "device_id": "8f31...c4",
  "biometric_token": "<optional Face ID / Touch ID>"
}

200 OK
{
  "access_token": "eyJhbGciOi...",
  "refresh_token": "rt_9b2c...",
  "expires_in": 1800,
  "scopes": ["accounts:read","transactions:read","deposit:write"],
  "fdx_consent_id": "cnsnt_4f2a..."
}

Statement & transaction query (FDX-shaped)

// GET FDX-aligned transactions for a deposit account
GET /api/v1/saversbank/accounts/{accountId}/transactions
  ?fromDate=2026-02-01&toDate=2026-04-30&page=1
Authorization: Bearer <ACCESS_TOKEN>

200 OK
{
  "page": 1, "pageSize": 50, "total": 187,
  "transactions": [
    {
      "transactionId": "txn_01HW...",
      "postedTimestamp": "2026-04-22T13:11:08Z",
      "amount": -42.17,
      "currency": "USD",
      "description": "POS PURCHASE - SHELL #4421",
      "category": "Fuel",
      "status": "POSTED",
      "checkNumber": null,
      "memo": ""
    }
  ]
}

Mobile Deposit submission & webhook

// POST a check image (front/back) for Mobile Deposit
POST /api/v1/saversbank/deposits
Authorization: Bearer <ACCESS_TOKEN>
Content-Type: multipart/form-data

front=@check_front.jpg
back=@check_back.jpg
amount=1250.00
account_id=acct_8821

// Webhook delivered when the deposit clears or is held:
POST https://your-app.example.com/webhooks/saversbank
X-Saversbank-Signature: t=1714660000,v1=2c7a...
{
  "event_id": "evt_01HW...",
  "type": "deposit.cleared",
  "deposit_id": "dep_01HW...",
  "amount": 1250.00,
  "account_id": "acct_8821",
  "cleared_at": "2026-04-23T15:02:11Z"
}

Each endpoint ships with retry semantics, exponential backoff, and a sandbox harness. Errors follow RFC 7807 Problem Details with deterministic type and code fields so downstream alerting can route by error class instead of brittle string matching.

Compliance & privacy

Regulatory framing

We work under written customer authorization or documented public/authorized APIs only. Savers Bank operates in Massachusetts, so US federal and state rules apply: the CFPB's Section 1033 personal financial data rights rule (finalised October 2024 and currently in 2025 reconsideration), the Gramm-Leach-Bliley Act for safeguarding customer information, FFIEC authentication guidance, and Massachusetts 201 CMR 17.00 for written information security programs. Where a third-party data aggregator is involved we follow FDX scopes, durations and revocation semantics.

Privacy controls baked in

Scoped, time-limited consent records keyed by fdx_consent_id
Data minimisation — pull only the fields the use case needs
End-to-end TLS 1.2+ and HMAC-signed webhooks
Audit logs persisted for the regulatory minimum (typically 5 years)
Right-to-revoke endpoint that invalidates tokens within 60 seconds
NDA + DPA templates available for enterprise engagements

Data flow & architecture

A typical Savers Bank Mobile Banking integration follows a four-stage pipeline: Mobile/Web client → OpenFinance Lab API gateway → Normalisation & storage → Customer integration surface. The gateway terminates the bank session, refreshes tokens, and translates raw mobile responses into FDX-shaped JSON. Normalisation enriches transactions (category, merchant, recurring flag) and stores them in an immutable event log; downstream consumers read either via REST polling or via signed webhooks. A separate egress path handles writes (mobile deposit, bill pay schedule) under an idempotency-key contract so retries are safe. Logs ship to your SIEM via syslog or HTTPS, and consent records travel alongside every request so audit reconstruction is single-pass.

Market positioning & user profile

Savers Bank is a Massachusetts community bank (chartered 1910, headquartered in Charlton, MA) serving retail and small-business customers in central Massachusetts. The mobile app is positioned as a full-service Online & Mobile Banking client used by Savers Bank's own customer base, with biometric login, mobile deposit, Bill Pay, secure messaging and Mobiliti/CardValet debit-card controls. The integration buyers we typically see for this class of app are: (a) US accounting and ERP vendors that want native data import for community-bank customers, (b) lending and underwriting platforms that need cash-flow signals where Plaid/MX coverage is partial, and (c) regional fintechs building household PFM products for the New England market. The platform focus is Android and iOS, with the underlying core currently in a public multi-year upgrade cycle that is expanding open-banking surface area.

Screenshots

Click any thumbnail to enlarge. These are the live Google Play screenshots for the Savers Bank Mobile Banking app and illustrate the screens whose data we model into APIs above.

Similar apps & integration landscape

Teams building data-integration projects for Savers Bank Mobile Banking often need adjacent connectors. The apps below appear repeatedly in the same buyer conversations — large national banks and digital-first apps that share data types and authentication patterns. We cite them here purely to describe the landscape; ranking or comparison is out of scope.

Chase Mobile

Holds checking, savings, credit-card and J.P. Morgan Wealth balances; users with both Chase and a community bank like Savers often need a unified statement export across accounts.

Bank of America Mobile Banking

Houses ACH transactions, Zelle records and Erica chat history; pairs naturally with community-bank data when an aggregator wants nationwide coverage.

Wells Fargo Mobile

Surfaces FICO scores, Zelle transfers and bill pay records, and is a frequent companion account for New England small businesses.

Capital One Mobile

Exposes Fast Balance-style sneak peeks and CreditWise scores; relevant when a downstream PFM wants to merge credit-card and community-bank data.

PNC Mobile

Common second-bank in the Northeast; integrators needing both PNC and Savers Bank often unify them under FDX-shaped resources.

Ally Bank

Online-only checking and high-yield savings with a clean transaction feed — frequently pulled alongside community-bank data for households that mix the two.

Chime

Neobank checking and SpotMe overdraft data; appears next to Savers Bank in cash-flow underwriting use cases.

Varo

Mobile-first checking, savings and credit-builder; useful comparator when modelling biometric-only login flows similar to Savers Bank's Face ID path.

Alliant Credit Union

Credit-union app with live in-app chat; relevant when integrators want both bank and credit-union coverage in one connector.

Citizens Bank Mobile

Northeast regional bank that released a public Open Banking API — a good reference for FDX-shaped community/regional-bank endpoints adjacent to Savers Bank.

What we deliver

Deliverables checklist

OpenAPI 3.1 / Swagger specification covering accounts, transactions, deposits, transfers, bill pay
Protocol and auth flow report (token chain, MFA paths, biometric reuse)
Runnable source for login, balance, transactions, and mobile-deposit endpoints (Python and Node.js, Go on request)
Postman collection + sandbox harness with mocked responses
Webhook signing utilities and replay test suite
Compliance guidance (CFPB Section 1033, GLBA, FDX consent records, Massachusetts 201 CMR 17.00)

Engagement workflow

Scope confirmation: needed data types, frequency, write actions (deposit, bill pay).
Protocol analysis & API design — typically 2 to 5 business days.
Build and internal validation against a sandbox account — 3 to 8 business days.
Docs, samples, test cases, and signed handoff package — 1 to 2 business days.
Optional ongoing maintenance retainer for upstream changes (e.g. core upgrade cutover).

About OpenFinance Lab

Who we are

OpenFinance Lab is an independent technical studio focused on App interface integration and authorized API integration. Team members come from banks, payment networks, mobile-protocol research and cloud security; we ship production code rather than slide decks. We have spent the 2024–2026 cycle tracking the FDX 6.x line, the CFPB's Section 1033 final rule and its 2025 reconsideration, and the rise of FDX-aligned API traffic to roughly 114 million customer connections — so the integrations we deliver are aimed at where the standard is going, not just where it sits today.

Banking, lending, insurtech and cross-border clearing experience
Custom Python / Node.js / Go SDKs and test harnesses
Source-code delivery from $300 — pay after delivery upon satisfaction
Pay-per-call hosted API option — usage-based billing, no upfront fee

Contact

Send your target app, the data types you need (e.g. transactions, balances, mobile deposit), volumes, and any sandbox or production credentials you can share. We reply with a scoped quote and a delivery plan within one business day.

Contact page

FAQ

Which Savers Bank data can you actually expose through an API?

Account lists, current and available balances, 90-day transaction history grouped by month, cleared check images, scheduled transfers, loan payment status, bill pay records, mobile deposit history, and account alerts. We model these as FDX-aligned resources so they slot into existing aggregator pipelines.

How long does delivery take?

Usually 5 to 12 business days for a first API drop covering login, accounts, balances and transactions, plus documentation. Adding mobile deposit, bill pay scheduling or webhook alerting typically extends the engagement by another week.

How do you handle compliance and consumer consent?

We work strictly under customer authorization or documented public APIs, with logging, consent records, GLBA-aware data minimization, and FDX-style scoped permissions. CFPB Section 1033 alignment is part of every scoping call. NDAs are signed when required.

Can you integrate with Plaid, MX or Finicity instead of a direct connection?

Yes. If your stack already uses Plaid, MX, or Finicity, we can build the bridge that maps Savers Bank Mobile Banking data into those aggregators' schemas, so you do not have to maintain two pipelines. We also help when an aggregator's coverage is partial and you need a direct fallback.

📱 Original app overview (appendix)

Savers Bank Mobile Banking (Android package com.saversbank.imobile) is the official mobile banking client for Savers Bank, a Massachusetts community bank serving retail and small-business customers since 1910. The app is available to all customers with online banking and runs on both Android and iOS.

Accounts — view all accounts and balances; view account transactions grouped by month for the past 90 days; view check images that have cleared.

Transfers — account to account transfers; loan payments including principal-only, pay-down or payoff; scheduled transfers (immediate, future-dated or recurring).

Bill Pay — schedule, manage and edit bill payments.

Locations — find nearby branches by searching by ZIP code or address.

Fast Balances — view account balances on the go without signing into the app.

Fingerprint / Facial Recognition — biometric access to the app.

Mobile Deposit — make deposits using the mobile device; view past mobile deposits via the Deposit History button. According to Savers Bank's public FAQ, mobile deposits can be transmitted 24 hours a day, 7 days a week, including weekends and holidays, and all personal and business U.S. checks can be processed through Mobile Deposit.

Self-service banking — secure messaging, stop payments, debit-card enable/disable (Mobiliti / CardValet), alert management, external and unlinked account management, push notifications.

The bank's public site notes a multi-year core upgrade currently underway, and consumer-side account aggregation on the Savers Bank web experience is powered by MX. None of those underlying systems are operated by OpenFinance Lab; this page describes how we can build authorised, compliant API integrations on top of the published mobile experience.