
In click injection, a malicious publisher app on the phone notices that the “ABC app” is being used by the customer and fires a click in the background. While the user is browsing the “ABC app”, the click has already been sent and the order captured. The attribution is thereby manipulated, and payment is made to the wrong media source instead of the actual (and deserving) source.

There are two levels of attribution:

  • Click to Install Attribution: If a user clicks on an ad, we need to track the validity of that click that led to the installation or conversion. For example, a 7-day or 14-day attribution is considered a standard attribution window in many performance campaigns. If a click has been performed within the set attribution window, the click is valid for attribution, and the publisher that fired the click will be attributed to the install.
  • Install to Event Attribution: The subsequent events after the installation are tracked, including add-to-cart, sale/purchase, booking, etc. The attribution window can also be defined from installation to the sale/purchase event. For example, in many performance campaigns the window from install to a sale event can vary from 24 hours to 30 days, depending on the advertiser’s marketing strategy.

Steps Fraudsters Use in Click Injection:

  1. A fraudulent app is installed on the phone.
  2. When a new app (the advertiser's app) is installed, fraudulent apps and other apps also get notified through the install broadcast. This broadcast is essential to create a tight connection between different apps. The malicious app installed on the phone keeps performing its unsuspicious actions until it receives an install broadcast.
  3. The fraudulent app pushes a manipulated click. This click seems genuine as it carries the device’s ID and other records of the targeted device.
  4. Ad attribution services trace clicks in reverse chronological order and therefore determine the fraudulent app’s click to be the last-touch click and attribute the event to the fraudulent app.
  5. In this process, both genuine publishers and advertisers suffer losses. Genuine publishers do not get paid for their genuine efforts, and advertisers end up paying the wrong channels.

Many apps on the Play Store have been caught doing this. The Cheetah Mobile case is a classic example: all apps of CM (which were very popular and had millions of installs between them) would inject clicks to steal organic/inorganic installs from other sources.

Further, users may unintentionally install a malicious app that performs non-suspicious operations, such as auto-change wallpapers, flashlights, cat-voicing, etc. It would appear harmless to them. These malicious apps are usually available on unverified Android sources for free. Such apps have permission to inject a click to run another application and listen to the ‘install broadcast’.

How to Prevent Click Injection?

  • Through Data Analysis: To detect click injection, mobile measurement partners need to track timestamps for when a user started an install (click-time) and when an install is finished on the device (conversion time). With access to this information, we can prove the user’s intent to install came before the fraudulent claim. Therefore, those claims can be detected before attribution, meaning that ad spend is safe from click-injection fraud. If we analyze the data pattern of a click injection, we can find that click-to-install time will always be less than expected. This generally works only to identify the more extreme and obvious cases of click injections. Users may take their own time installing and opening the app, which means that even if the click is injected, the time when the user opens the app can be outside the limit set.
  • Use Google Play Store APIs (Only for Android): Google released Play Store Referral APIs, which provide timestamps of the time of click and download of the app from the App Store. These are more accurate and effective in ensuring the detection of click injections. Unfortunately, this works only on Android and not on iOS.
  • Machine Learning and Artificial Intelligence: These methods look for accounts, customers, suppliers, etc., that behave ‘unusually’ and output suspicion scores, rules, or visual anomalies, depending on the method. These methods can identify fraud with very high degrees of accuracy.
  • Be Transparent with Publishers/Affiliates: As an advertiser, demand better transparency from your publishers or affiliates. Request publishers to identify all third-party traffic sources. If a publisher seems reluctant to identify his traffic sources, that indicates possible malicious activity and something to look out for.
  • Implement Third-Party Fraud Monitoring: As fraudulent practices continuously evolve, it is challenging to identify all types of fraud and block them in real time. Implementing a third-party detection system will allow you to identify and block fake activity.
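
The timestamp checks from the data-analysis and Play Store bullets above can be applied before last-touch attribution, as in the following added example (not code from this article or from any measurement vendor). The field names, the 10-second minimum click-to-install time and the sample data are assumptions made for illustration; the 7-day window is the one mentioned earlier.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

ATTRIBUTION_WINDOW_S = 7 * 24 * 3600  # 7-day click-to-install window
MIN_CTIT_S = 10                       # assumed floor for a plausible click-to-install time

@dataclass
class Click:
    publisher: str
    ts: int  # click time, epoch seconds

@dataclass
class Install:
    first_open_ts: int                       # conversion time seen by the measurement SDK
    download_begin_ts: Optional[int] = None  # store-reported download start (Android only)

def naive_last_touch(install: Install, clicks: List[Click]) -> Optional[str]:
    """Plain last-touch: the newest click inside the window wins."""
    ok = [c for c in clicks if 0 <= install.first_open_ts - c.ts <= ATTRIBUTION_WINDOW_S]
    return max(ok, key=lambda c: c.ts).publisher if ok else None

def attribute(install: Install, clicks: List[Click]) -> Tuple[Optional[str], List[Tuple[str, str]]]:
    """Last-touch after filtering; returns (winner or None for organic, rejected clicks)."""
    rejected, valid = [], []
    for c in clicks:
        ctit = install.first_open_ts - c.ts  # click-to-install time
        if not 0 <= ctit <= ATTRIBUTION_WINDOW_S:
            rejected.append((c.publisher, "outside_window"))
        elif install.download_begin_ts is not None and c.ts >= install.download_begin_ts:
            # The download had already started, so this click cannot have caused it.
            rejected.append((c.publisher, "click_after_download_began"))
        elif ctit < MIN_CTIT_S:
            rejected.append((c.publisher, "ctit_too_short"))
        else:
            valid.append(c)
    winner = max(valid, key=lambda c: c.ts).publisher if valid else None
    return winner, rejected

# Constructed sample: a genuine click, an injected click fired on the install broadcast,
# and a click older than the attribution window.
T0 = 1_700_000_000
SAMPLE_INSTALL = Install(first_open_ts=T0 + 900, download_begin_ts=T0 + 600)
SAMPLE_CLICKS = [
    Click("genuine_network", T0),
    Click("flashlight_app", T0 + 840),
    Click("stale_network", T0 - 30 * 24 * 3600),
]

if __name__ == "__main__":
    print("naive:   ", naive_last_touch(SAMPLE_INSTALL, SAMPLE_CLICKS))
    print("filtered:", attribute(SAMPLE_INSTALL, SAMPLE_CLICKS))
```

When `download_begin_ts` is unavailable, only the click-to-install floor applies, so an injected click followed by a slow first open still passes, which is the limitation of the timing heuristic described above.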

Impact of Click Injection

Click Injection creates a negative loop where the advertiser continues to pay someone else for the users they would have already acquired organically (or at least through other marketing channels). It captures organic traffic, brands it without the user’s knowledge, and then claims credit for it. It ruins the accuracy of a marketer’s data and impacts accurate decision-making.

Few Exceptions:

  • Coupon Sites/Deal Sites: A user adds a product to the cart, then checks whether any coupons/cashback are available and clicks on the affiliate website later.
  • Retargeting Sites: A user adds a product to the cart but changes his mind and keeps browsing other sites, sees the ad, and later decides to buy the product, so the time from add-to-cart to click is longer.

mFilterIt’s Role

With its machine learning-based algorithms, mFilterIt tracks the characteristics of each device as per what it should be. The solution includes various situations and environments to detect and protect from various types of fraud. We combine cutting-edge machine-learning technology and a dedicated team of data scientists who endeavor day in and day out to help app advertisers flush frauds from their ecosystem, thus increasing their ROI.
