In an industry as dynamic and competitive as ours, innovation determines the front runners. Unfortunately, this very ecosystem that fosters a rapid growth in technology conversely sees entities adapt, respond, and contribute to ad fraud in sophisticated ways. One such approach – click injection, has emerged to be a growing challenge.
What is click injection?
While similar, click injection differs from click spamming in the process, time, and destination of the click. It is a form of organic poaching that relies on the injection of a click moments before an app is installed completely. The objective of click injection is for the fraudulent click to be deemed as the last click before install. This causes a misattribution of an install and the subsequent pay-out.
How does click injection work?
The process of click injection is elaborate beginning with the creation of an app that appears innocent enough on the surface but houses malicious intent. These apps are built on SDKs which further add to the hurdles of dealing with click injections. These apps contain malware that can be used to listen to ‘install broadcasts’. These are messages that android apps send or receive when an event occurs. This is the loophole that fraudulent apps leverage and the reason why click injection is more prevalent in android devices.
When the fraudulent app receives a notification of install it injects a click that an MMP registers as the last click before launch. It is important to note at this juncture that the fraudulent app would be privy to the device’s tracking code. This makes the fraudulent click appear authentic and to have originated from the device. In doing so, the fraudsters will be awarded the pay-out associated with the install.
Why is this important?
It comes down to data.
To the casual eye, irrespective of the fraudulent clicks, the campaigns and effort invested would seem to be fruitful. However, it is but a fruit with no seed and no potential for growth.
Click injection, like all forms of ad fraud, distort and manipulate campaign performance data. This has a cascading effect as this is data that determine strategy, optimization, pay-outs, and budget allocation.
In poaching from what could have been an organic install or one that stems from an authentic source, this fraudulent activity has a damaging effect on all stakeholders in the ecosystem. In addition to Publishers losing out on pay-outs, the distorted attribution would also result in Advertisers banking on fraud-based sources.
How do you identify and prevent click injection?
While fraudsters rely on distorting data to stay one step ahead, it is this same data that can help marketers identify and prevent click injection. By analyzing and comparing the data between the timing of the attributed click and install (Average Click to Install Time/CTIT), we will be able to identify instances where the time to install is less than the average CTIT. This is a telling sign of click injection. Once you’ve identified fraudulent sources, you can work to filter and curtail ad fraud.
If you would like to know more about click injection or how we can help you curb its effects, drop us a note and we’ll get right to you!