Referral system for a mobile app
Building a referral system for a mobile app using and your own backend
It's always fun and engaging to build a referral system for a mobile app project, but as it also implies great responsibility, we have to consider each step or sub-function very carefully. One wrong movement or skipped use-case, and our users will start to rip you off instead of helping you to expand to new markets (How Uber Used Referrals To Help Expand Into 50+ Countries) or have 3,900% increase in new users (Dropbox grew 3900% with a simple referral program).
Off top
When considering building a referral system, just count how much you spend on marketing to get a user out of the street to do what your mobile referral system is aimed at (e.g. download app + register + fill profile + buy a subscription plan). That's the amount you can give out as referral credits without any concerns. The goal of any referral program is getting for you users, cheaper than marketing spends, and that's usually a higher amount for mobile apps.
There are a couple of strategies to build a referral system for mobile app based on events you want to track
  • For non-monetary events which happen for non-authorized users (like app installs or first app launch)
  • For monetary events which happen for the authorized user (like you credit user after his referred user ordered something)
Make sure events are coming from a unique user
For non-monetary ref systems, there is a higher risk of fraud, as they are not connected to a user being authorized, thus there are fewer indicators you have to take into account to make sure events are coming from a unique user. For this case, we can rely on various direct or indirect indicators that this mobile device is unique and grand credits:

  • iOS. Apple doesn't give us actual access to any unique device ID (UDID is not reliable enough as it can be faked or there is no access to IMEI from the apps) from the app directly, but we can generate some unique ID based on UDID and "first open" Unix time and store it into the keychain. The cool thing about this keychain is that if a user deletes the app, and then installs it for the second time, we can check the keychain for a previously stored ID to confirm that this device was enrolled with a referral program. If there is no ID - we generate a new one, if there is - we take existing one for the referral program-related events. Quite easy and elegant.
  • Android. Here everything is more complicated as the user has a lot of freedom and can actually wipe the device's operating system to change any possible device ID, including IMEI. We've spent quite a lot of time investigating what could be used for the same purpose of identifying the unique ID and stopped on using Secure.ANDROID_ID as part of secure settings (a combination of app-signing key, user, and device)
Branch says they can handle device's uniqueness, but our QA department was able to bypass that after about 20 minutes of tests. Branch is still good and has very important features that we'll use, but don't believe all that they say.

For monetary events, you have much more things you can check, like confirm a phone number with SMS, validate email address, and some payment merchants like Stripe even allow getting a unique fingerprint of the used billing method (so you can grand referral credits based on used credit card itself along with other factors). Definitely, these monetary events or events after the user is properly authorized usually have a higher reward.
Flow and what is happening behind the scenes
Next, I want to go through a user's flow and connect each step along with what is happening behind the scenes (from the technical perspective) to illustrate all the settings it is necessary to implement for a mobile referral system to work:

  • Unique Branch link is created for each user. It could be created either on the backend or directly from the mobile app itself after user logs in (manual here);
  • Brach link stores custom data to identify link owner (basically you can put there anything you want, like which app screen to open after install, but for the referral system will need just the user ID);
  • And here is where the magic happens: User clicks the link, it opens in the browser, Branch makes a fingerprint of this device and a user is getting redirected to his store (AppStore, or Play Store, or any set link for other platforms or desktop);
  • Users download the app as usual;
  • Once they open the app for the first time, Branch checks its database for the same device (according to device fingerprint made when they clicked the link), install is recorded and Branch custom data is passed to the app (that's the ID of the link owner);
  • Next time users make the action related to referral credits, we pass link owners user ID, referred user device details (we've discussed how we can create unique device ids to distinguish devices) along with that user's account details in our service and the request for the action itself to our backend;
  • On the backend, we check if the referred user's device is unique (not present in our database for previous referral communications related events), check that user's account is unique (for example based on phone number verification mentioned earlier) and finally grant those commissions;
  • It's worth mentioning that if you have Firebase as the backend (or don't have the backend at all), it's also possible to organize everything there. In fact, we've built a ref system for another mobile project with Firebase (using Database and Functions) and it turned out quite good;
We'll help you to apply all this to your mobile app referral program
There are so many ways referral program could be implemented in your mobile app, thus there is no some "general solution". Here is a handy list of 77 referral program examples where you can get inspiration for your business or feel free to RESERVE A CALL with us and we'll help you to apply all this to your mobile app referral program in no time.

Referral programs are not an easy thing, they should be constantly monitored and improved over time. You should treat each detail very seriously, as there are communities out there which are hunting different ref programs and their feebles (here is an article explaining how they hacked Uber referral program). Luckily, referral programs in mobile apps give additional ways to protect owners and filter fraud, as a mobile device is still a highly personal thing.

The first thing that we suggest our clients when building a referral system for their app is to set up a section on the admin panel with top referral stats, and each month closely investigate top 10-20 of them because most of the fraud will be among the greedy ones and they will be on the top of the list.

Good luck!
Stepan Radiboh
CEO at CookieDev
Made on