How Customer.io Works (SDK): Track the Right App Events to Power Retention

Customer.io partner logo

Table of Contents

Example H2

Customer.io, done right. Done for you.

Execution trusted by 60+ DTC brands.
CTA: See how it works

See how it works

Summarize this documentation using AI

ChatGPT
Grok
Claude
Perplexity
Google AI

This banner was added using fs-inject

Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Book a Strategy Session

Overview

If you’re running retention in a mobile-first D2C brand, Customer.io only performs as well as the identity + event tracking you feed it from your app. If you want a second set of eyes before you ship tracking (or you’re cleaning up a messy implementation that’s breaking journeys), book a strategy call and we’ll map the minimum viable SDK spec that actually supports repeat purchase and recovery flows.

In practice, most “Customer.io isn’t working” problems are really “the app isn’t identifying users consistently” or “events fire in the wrong order,” which makes cart, browse, and purchase journeys misfire.

How It Works

At a mechanical level, the SDK turns in-app behavior into Customer.io People (profiles) and Events (activity). The retention unlock comes from getting identity stitching right—so anonymous browsing becomes attributable to the same person once they log in or start checkout.

  • Install the SDK in your iOS/Android (or cross-platform) app so the app can send data directly to Customer.io.
  • Start anonymous by default for new sessions. Let the SDK record pre-login actions (product views, add-to-cart, checkout starts) as anonymous activity.
  • Call identify as soon as you have a stable user ID (login, account creation, or when you confidently have the customer record). This is the moment that links prior anonymous activity to the known profile.
  • Track events with consistent naming + properties so you can segment and trigger journeys cleanly (e.g., product_id, variant_id, cart_value, currency, category).
  • Update person attributes when state changes (email, phone, push permission, last_purchase_at, loyalty_tier). Journeys and message routing depend on these being current.

D2C scenario: A shopper opens your app from a paid social ad, views two products, adds one to cart, then gets distracted. If you track Product Viewed and Add To Cart anonymously, then later they create an account, a timely cart recovery push/email can trigger off the same cart event—without losing context just because the user wasn’t logged in at the moment of intent.

Step-by-Step Setup

The goal here isn’t “send more events.” It’s to send the handful of events that drive retention outcomes, and to make sure identity stitching holds up under real-world behavior (app reinstalls, multi-device, login/logout, spotty connectivity).

  1. Install the correct Customer.io Mobile SDK for your stack (native iOS/Android or React Native/Flutter/Expo).
    • Confirm you’re using the workspace/site credentials meant for production—not a staging key accidentally shipped to the App Store.
    • Decide early whether the app will send directly to Customer.io or via your backend proxy. Direct is faster; backend gives you more control over PII and dedupe.
  2. Define your identity contract (this is where most teams cut corners).
    • Pick a stable customer identifier (e.g., your internal customer_id). Don’t use email as the primary ID if it can change.
    • Decide when a user becomes “known” (account created, login, checkout start with email capture). Document it.
  3. Implement anonymous tracking on app open.
    • Initialize the SDK on launch so sessions and pre-auth events are captured.
    • Track high-intent events even before login: Product Viewed, Collection Viewed, Add To Cart, Checkout Started.
  4. Call identify immediately after authentication.
    • On login/sign-up, call identify(user_id) (exact method name varies by SDK) and attach core attributes: email, phone (if collected), timezone, language, marketing_opt_in.
    • Make sure identify happens before you fire post-login events like Checkout Completed or Order Placed, otherwise purchase events land on the wrong profile.
  5. Track retention-critical events with properties.
    • Cart: Add To Cart (product_id, variant_id, price, quantity), Cart Viewed (cart_value, item_count).
    • Checkout: Checkout Started (cart_value), Payment Failed (reason, payment_method).
    • Purchase: Order Placed (order_id, revenue, currency, items[], discount_code, subscription_flag).
    • Post-purchase: Order Delivered or Delivered if you have carrier data (this is huge for review/UGC timing and replenishment windows).
  6. Handle logout and account switching intentionally.
    • If users can log out, call the SDK’s reset/clear method so the next person on the device doesn’t inherit the prior identity.
    • If you support multiple accounts on one device, test identity switching with real QA scripts (it’s a common source of “wrong person got the message”).
  7. Validate in Customer.io before you build journeys.
    • Confirm profiles are created/updated as expected and that events appear in the activity feed with the right timestamps and properties.
    • Spot-check that anonymous events merge into the known profile after identify.

When Should You Use This Feature

SDK tracking is what you lean on when retention depends on what happens inside the app—not just what happens in Shopify or your backend. If you’re serious about cart recovery and repeat purchase timing, app-side events usually give you cleaner intent signals and faster triggers.

  • Cart recovery for app shoppers when add-to-cart happens in-app and you need push/SMS/email to fire within minutes, not hours.
  • Browse-based product discovery when you want segments like “viewed category X twice in 7 days” or “viewed product Y but didn’t add.”
  • Reactivation based on app inactivity (e.g., no app open in 21 days + last purchase > 60 days) where “Last Visited” style signals matter.
  • Post-purchase orchestration where delivery/usage windows drive replenishment, cross-sell, and review asks.

Operational Considerations

Once the SDK is live, the work shifts from “implement tracking” to “keep data usable.” Retention programs tend to break when naming drifts, properties go missing, or identity becomes inconsistent across app, web, and backend systems.

  • Segmentation depends on property hygiene. If category is sometimes “Skincare” and sometimes “skin-care”, your segments will silently undercount and journeys will look like they’re underperforming.
  • Event ordering is not optional. If Order Placed can fire before identify, you’ll end up with purchases on anonymous profiles and broken LTV-based targeting.
  • Data flow realities: mobile events can arrive late (offline mode). Build journeys with small buffers where it matters (e.g., wait 5–10 minutes before declaring “abandoned”).
  • Orchestration across systems: if your backend is also sending purchase events, decide which source is canonical to avoid duplicates. In most retention programs we’ve seen, backend purchase is canonical; app is canonical for browse/cart intent.
  • Identity stitching across devices: if a customer browses on mobile, buys on desktop, and logs in on both, your ID strategy needs to unify that person or your suppression logic (like “don’t send cart recovery to purchasers”) won’t hold.

Implementation Checklist

If you want this to work in production—not just in a demo environment—treat this like a small data product. The checklist below is what we use to keep retention triggers trustworthy.

  • SDK installed and initialized on app launch (production keys verified)
  • Stable customer_id chosen as the primary identifier (not email)
  • Identify called immediately after login/sign-up (and before purchase events)
  • Anonymous pre-login events tracked for browse/cart intent
  • Core event schema defined and documented (names + required properties)
  • Purchase event source of truth decided (backend vs app) and dedupe plan in place
  • Logout/reset behavior implemented and QA’d
  • Test plan includes: reinstall app, offline events, account switching, multi-device
  • Segments validated against known counts (e.g., yesterday’s add-to-cart users)

Expert Implementation Tips

These are the small operator moves that keep your journeys from becoming “mostly right,” which is usually worse than being obviously broken.

  • Track “Checkout Started” the moment email is captured. For many D2C apps, that’s the earliest reliable point to stitch identity and unlock high-performing recovery.
  • Send item arrays thoughtfully. If you pass items[] on cart and purchase events, you can personalize recovery and cross-sell without building brittle product lookup logic later.
  • Use a single naming convention across app + web. If web uses product_viewed and app uses Product Viewed, you’ll duplicate journey logic and split reporting.
  • Build a “debug segment.” Create an internal segment for employees/test accounts and route them through journeys first. It catches identity bugs fast without spamming customers.
  • Add a short delay before abandonment decisions. A 10–20 minute wait after Checkout Started reduces false positives caused by payment retries, app backgrounding, or offline event delivery.

Common Mistakes to Avoid

Most teams don’t fail because they didn’t track enough—they fail because the tracking can’t be trusted for suppression, timing, and attribution.

  • Using email as the ID and then watching profiles fragment when customers change emails or use Apple Private Relay.
  • Firing purchase events from both app and backend without dedupe, which inflates revenue, breaks frequency caps, and corrupts LTV segments.
  • Calling identify too late (after checkout/purchase), which strands the highest-intent events on anonymous profiles.
  • Missing required properties like currency or product_id, making personalization and segmentation unreliable.
  • Not resetting identity on logout, leading to “wrong customer got the message” incidents.
  • Letting event names drift over time as multiple engineers ship slightly different versions (this quietly kills segments).

Summary

If your app is a primary shopping surface, the SDK is the backbone of retention execution in Customer.io. Get identity stitching right, keep event schemas consistent, and your cart recovery + repeat purchase journeys become predictable instead of fragile.

Implement How It Works with Propel

If you’re already on Customer.io, the fastest win is usually tightening the SDK identity + event spec so your existing journeys stop leaking conversions. If you want help pressure-testing your tracking plan against real retention use cases (cart recovery, browse abandon, replenishment, reactivation), book a strategy call and we’ll walk through what to instrument, what to ignore, and where programs typically break in production.

That tends to be the difference between “we send messages” and “we can actually orchestrate outcomes.”

Contact us

Get in touch

Our friendly team is always here to chat.

Here’s what we’ll dig into:

Where your lifecycle flows are underperforming and the revenue you’re missing

How AI-driven personalisation can move the needle on retention and LTV

Quick wins your team can action this quarter

Whether Propel AI is the right fit for your brand, stage, and stack