<b>How to actually read a CTIT distribution (and what each peak means)</b>

<b>How to actually read a CTIT distribution (and what each peak means)</b>
Click-to-install-time is the single most diagnostic chart in in-app fraud, yet most buyers never open it. Here's the field guide.

— Spike at 0–10s → click injection (Android broadcast theft)
— Mass beyond 24h, flat tail → click flooding / click spam (claiming organics)
— Tight unnatural cluster (e.g. exactly 2–4h) → automated install fraud
— Healthy traffic → smooth right-skewed curve peaking around 1–10 min

✓ CTIT exposes fraud types that aggregate rejection rates hide entirely
✓ Works as an independent check on your MMP's verdict
✗ Requires per-source raw CTIT export — some dashboards only show summary stats
✗ iOS SKAN obscures CTIT, so this is mostly an Android tool

<b>Verdict:</b> demand raw CTIT export from any source you buy at scale; it's your cheapest fraud audit.
<b>Best for:</b> media buyers vetting new Android sources.