What is click injection - install attribution fraud - Impact
Close Technique Button

Install attribution fraud

Click injection

Click injection is a technique for winning last click attribution in CPI campaigns. It’s enabled on Android phones when a bad actor includes app code that uses the Android feature “Install Broadcast” to continuously monitor a user’s device for new installs. Based on this information, the publisher can send fake clicks just before payable post-install events occur.

Technique Left Arrow 2
Technique Right Arrow

How they do it

  1. Malicious publisher has registered for advertiser’s affiliate program that pays for installs once user has opened advertiser’s app
  2. User downloads malicious publisher’s app
  3. App features code that allows it to monitor user’s Android for all new installs
  4. Malicious publisher’s app detects that user has just downloaded advertiser’s app
  5. Malicious publisher injects fake click event
  6. User opens advertiser’s app
  7. Advertiser attributes credit to malicious publisher, even though they provided no value in driving the install, and pays them a percentage of revenue
Click injection

Get in touch