There are a few ways to go about this and to do them well they all involve a significant amount of effort.
- You could return a different APK for every affiliate URL. If you have a lot of different affiliates, you'd want to have a build system which would compile a unique APK for each based on what is mostly the same application but with a different values resource file which contains the different affiliate IDs (probably making the main application a library application). Whether you hook this up directly to the web site or just copy the output to the website is up to you. You can then have your app phone home using this value.
- You can do some form of device fingerprinting both on the download side and on the app launch side, and match up the fingerprints. The simplest reasonably accurate fingerprint would probably just consist of the IP address of the device. This has its limitations, however. Research has shown that:
individual cell phones can expose different IP addresses to servers
within time spans of a few minutes
You'll also find that multiple phones can share the same IP at the same time due to the
NAT technology that many carriers use. Still, the first 13-16 bits of the IP are for the most part quite stable within a short time period. You can also gain some accuracy by examining HTTP headers, especially browser user agents. There are some problems that manifest there too but there's definitely useful information there.
As you are distributing this application yourself, I would favor the first approach fairly heavily. It gives you better accuracy and is (at least in my opinion) easier to implement (and yes I've implemented something along the lines of both of these solutions). The downside of course is that you'll be distributing many different versions of your app, but if you do it right you should have only very minimal differences between the APKs that will only slightly increase your support overhead.