Why partner with Citi?
Citi has over 200 million customers in 160 countries, spanning 4 continents.
Your data needs are satisfied with 16 markets, 10 API categories, and 85 actionable APIs and growing.
The time from great idea to working product is reduced from years to months.
OAuth 2.0 authorization and TLS 1.2 encryption protect your customers' credentials and financial information.
Explore how we power innovative solutions
Click a logo below to learn more.
Intuit provides reliable data access to millions of customers
As a well-known provider of financial management software such as Mint and Quickbooks, Intuit needed a more streamlined and reliable way to provide users access to their data without storing credentials.
Using Citi’s authentication technology and Accounts APIs, customers can now authorize Intuit to reliably access their Citi account data—such as balances, due dates and transaction history. Customers can then view their data through engaging infographics and charts.
By partnering with Citi, Intuit can provide accurate and up-to-date information for a better customer experience.
Intuit APi's Used
Qantas credit cards and mobile app
Powered by Citi’s APIs and global infrastructure, Qantas launched their first Premium and Platinum credit cards along with the Qantas Money app.
Using over 70 Citi APIs to create this new integrated digital experience, the app aggregates customers’ financial data into one place and offers insights into spending habits for greater control. Customers can now monitor their credit card and frequent flyer points balance while earning rewards through Qantas’ loyalty program.
By partnering with Citi, Qantas reduced the time to integrate from years to months. The result: an integrated customer experience that delivers financial control and premium benefits.
SingSaver offers instant approval process for Citi credit cards
Citi and SingSaver partnered to create a seamless credit card application natively in the SingSaver website.
Using the Citi Onboarding APIs, the SingSaver application provides a one-stop shop for customers to compare, select and apply for credit cards—all within SingSaver. If approved, SingSaver can notify users of their acceptance and credit limit almost instantly.
By integrating with Citi, the time to go live was reduced from years to months. The result: reduced customer pain points and drop-offs, improving customer experience and conversion rates.
SingSaver APi's Used
It’s easy to build the right solution for your product.Browse API Catalog
Going Live - Moving to Production
From first ideas to live global data. Here's how you join the Citi Open Banking program.
Sign up and browse the API catalog to assemble a suite of APIs tailored for your solution.
Register an app to start making calls with sandbox data, and test how it works within your app or website.
Submit your idea through contact sales. We'll check out your app to determine if we'll be a fit, test it together, and if everything's good ...
You're ready to launch! We'll move you to production, and your customers will have access to their live data through your product.
Frequently Asked Questions Expand all sections Collapse all sections
The cost of accessing production APIs depends on the specific use case, which APIs you access, traffic volume, and your business case to Citi customers. Note that the sandbox can be accessed by anyone registered on Developer Hub without any fees.
Yes. Citi is compliant with PSD2 in the markets where it is applicable.
At a high level, our security assessment will evaluate the following:
Infrastructure – The physical structures, IT, and other hardware your company uses.
Software – Your company’s application programs and IT system software.
People – The personnel involved in the governance, operation, and use of a system.
Procedure – The organizational protocols and automated or manual procedures.
Data – Transaction streams, files, databases, tables, and output used or processed by a system.
The security assessment will be conducted by Citi’s Information Security Group. In some situations, a SOC 2 audit report conducted by an independent, certified auditor in the last 12 months can be used to supplement the information we require in the security assement. Please note that the security assessment will have to be updated on an annual basis or if there are any material changes.
- Timing: The assessment process takes appoximately 2 to 3 weeks, depending on the completeness of the material you provide, any gaps we might identify and the availability of resources.
- In the agreement you enter into with Citi, Citi will reserve the right to conduct an audit on demand in certain situations such as:
1. Data breach or fraudulent access
2. Misuse or mishandling of data
3. Failures in security infrastructure and controls
4. Regulatory expectations
5. Any events that could potentially impact Citi Customers (e.g., If a Citi
Customer’s sensitive non-Citi account information has been breached)
In order to begin working with Citi’s production APIs, your company will need to fulfill certain requirements, agree to Citi’s terms and conditions and go through our onboarding process.
Here’s what the process looks like at a high level:
- You’ll register on Developer Hub and contact our Engagement Team.
- Our Engagement Team will contact you, and if it seems like our businesses will be a good fit, we’ll ask for more information.
- You’ll submit a use case, technical gap analysis, and a prototype made in our sandbox environment.
- We’ll agree on Citi’s Terms of API Access.
- You’ll begin our onboarding process and need to pass a security assessment.
If all looks good, we’ll…
- Sign an agreement
- Test and validate the APIs together
- Integrate the production APIs
- Go live
The time it takes to move to production varies. Factors that influence the length of time include: the type of use case, resources available, and the complexity of the service being delivered to customers.
The Citi customer data fields available through our APIs are those shown in our Developer Hub API Catalog. As described in the Catalog, the customer data fields vary based on the market location of each API. In some situations, we might make additional customer data fields available when a use-case has a compelling customer value proposition.
Before you can use a Citi customer’s data, you must first obtain explicit consent from the customer, and the way in which you use that data must comply with the terms of the agreement you enter into with Citi.