Time to read: 3 min.
The article covers the following topics:
What is the Click signing feature?
The feature provides you an opportunity to sign every single click sent to AppsFlyer. It is an anti-fraud measure that prevents a situation when an ad network isn't aware of sending fraud traffic to the advertiser.
The work principle is: a unique token (code) with a certain period of validity is attached to a click and sent via the advertiser's tracking link. If the token is expired or wrong, AppsFlyer will define such clicks as fraud traffic. The blocking of traffic can happen. Here you can read more about the feature.
How to enable Click signing?
Step 1: enable the feature on Affise
You need to turn the feature on. It can be done on two levels:
- The Advertisers section -> the Advertisers subsection -> the advertiser's edit page -> the General tab:
The feature is used for all offers of this particular advertiser.
- The Offers section -> the offer's edit page -> the Tracking tab:
The feature is used for this particular offer.
Step 2: take the API token on AppsFlyer and put it on Affise
Take the API token on AppsFlyer. Check this article to find out how to do it.
Go to the Settings section -> Appsflyer -> the API token field and insert the API token. Click Save.
Step 3: choose a mode for Click signing
There're three types of mode configuration:
- Disable - No click signature validation is done by AppsFlyer.
- Enable - AppsFlyer blocks clicks with invalid or missing signatures.
- Report only (No rejection) - AppsFlyer validates click signatures, but doesn't block clicks with invalid signatures.
AppsFlyer recommends to set the mode to Enable after you run in Report only mode for few hours and check your reports to ensure the configuration is correct and that all clicks passed signature validation.
How does Click signing work?
Once a day, Affise makes a request to AppsFlyer using the API token you've provided to get a secret key: a unique signature for clicks. The secret key's period of validity is 36 hours. As a result, there can be two valid secret keys at the same time.
Once Affise gets the secret key and its expiry date, it adds two parameters to the advertiser's tracking link:
- &expires=the_click's_expiry_date (the time of click creation + 5 mins according to the UTC +00.00)
If you use Affise Server Parallel tracking, both parameters will be passed via links in both fields:
When click comes to AppsFlyer, it validates values in both parameters and clicks signing mode. As a result, there are three positive scenarios possible:
- Disable: clicks signing mode Affise keeps sending &exprires=the_secret_key's_expiry_date&signature=the_secret_key_itself parameters via AppsFlyer tracking link, while it ignores the parameters passed.
- Enable: clicks signing mode Affise keeps sending &exprires=the_secret_key's_expiry_date&signature=the_secret_key_itself parameters via AppsFlyer tracking link, while it validates the expedition date and the secret key and blocks the clicks when they're invalid.
- Report only (No rejection): clicks signing mode Affise keeps sending &exprires=the_secret_key's_expiry_date&signature=the_secret_key_itself parameters via AppsFlyer tracking link, while it validates the expedition date and the secret key and does not block clicks if they're invalid - just report on them.
1) Should I enable Click signing on Appsflyer?
No, no need to do anything on AppsFlyer to turn the feature on.
2) How often does Affise update the secret key?
Once a day (24 hours).
You may also find the following articles helpful:
- Affise <-> AppsFlyer integration
- Click signing feature: AppsFlyer documentation
- How to get your API token on AppsFlyer
If you have more questions on the Integration with AppsFlyer, feel free to contact the AppsFlyer Support Team via the AppsFlyer Help Center.
Written by Lizaveta Talkachova