PokerBros Bot Research
Deep dive · Integrity layers

PokerBros app security: the three layers a bot has to beat

People picture bot detection as one clever algorithm. In a club-based app it is three layers stacked on top of each other — and the layer that catches the most is the one made of people, not code.

Summary. A bot on PokerBros has to survive three layers: the device layer (is this a tampered client?), the behaviour layer (does this play like a human?), and the human layer (can the backing agent explain this money?). Each layer is harder to fool than the last, and the human layer is where the union's economics turn a software problem into an accountability problem.

Layer 1 — the device

The first defence is the client itself. PokerBros runs as a mobile app, which lets it use mobile-platform integrity signals: app-attestation APIs, detection of emulators and rooted or jailbroken devices, overlay and accessibility-service checks (the usual home of a bot that "reads" the screen), and input-timing fingerprints. A bot that drives a real device with real touches defeats much of this — which is precisely why device checks alone are never enough.

Layer 2 — the behaviour

If a bot looks like a clean device, its play still has to look human. Behaviour models compare each account against population baselines: action-timing distributions (bots are too consistent), bet-sizing trees that are too optimal or too rigid, VPIP/PFR and aggression that don't drift the way tired humans do, and multi-account graphs that reveal chip-dumping or soft-play between seats. This is statistical, not certain — but over enough hands it narrows a population to a short list of accounts worth a human look.

Figure: Three integrity layers diagram. Device, behaviour and human layers. A bot that beats the first two still leaves a settlement trail an agent must answer for.

Layer 3 — the human

This is the layer the union economics build for free. Every flagged account traces back to an agent who seated it and who settles its money. KYC at cash-out, seat-funding audits, and the simple question "why does this account keep winning?" put a human on the hook. As covered in the union economics breakdown, the agent's standing with their super-agent is worth more than any single account — so the rational move is to drop a suspect bot, not defend it. That incentive is the most effective bot deterrent in the whole stack.

Why a "magic bot" is overrated

Marketing for poker bots sells an algorithm. But on PokerBros the algorithm only addresses layer 2. It cannot pass attestation for you, and it certainly cannot make your agent comfortable explaining your winnings up the chain. The realistic threat model for a club is therefore not "an unbeatable bot" but "an agent who tolerates one." Fixing integrity means fixing accountability — which is structural work, not a scanner you bolt on.

From layers to a working review

A practical integrity review wires these three layers together: device and behaviour signals feeding a per-account risk score, and that score tied back to the agent roster so a union owner sees risk by agent. That is the difference between a one-off bot scan and a system that holds the human layer accountable.
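
A minimal sketch of that wiring, added here as an illustration and not taken from PokerBros or any real integrity product: device flags and an action-timing consistency signal feed a per-account score, which is then rolled up to the agent who seated the account. All account and agent names, flag names, weights and thresholds are assumptions, and the sample data is constructed.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample data: account -> (agent, device flags, action times in seconds).
ACCOUNTS = {
    "acct_a": ("agent_1", {"attestation_failed": False, "overlay_detected": False},
               [2.1, 7.4, 3.3, 12.0, 1.8, 5.6, 9.2, 2.9]),
    "acct_b": ("agent_1", {"attestation_failed": False, "overlay_detected": True},
               [3.0, 3.1, 2.9, 3.0, 3.1, 3.0, 2.9, 3.0]),
    "acct_c": ("agent_2", {"attestation_failed": True, "overlay_detected": False},
               [4.0, 6.5, 2.2, 8.1, 3.7, 5.0, 10.3, 2.6]),
}

# Assumed weights and thresholds, chosen for illustration only.
DEVICE_WEIGHTS = {"attestation_failed": 0.5, "overlay_detected": 0.3}
MIN_HUMAN_CV = 0.35     # timing coefficient of variation below this is "too consistent"
BEHAVIOUR_WEIGHT = 0.5  # how much the timing signal contributes to the account score
MIN_SAMPLES = 5         # with fewer actions than this there is no behaviour signal

def behaviour_score(times):
    """0.0 for human-like spread, rising towards 1.0 as timing becomes uniform."""
    if len(times) < MIN_SAMPLES or mean(times) <= 0:
        return 0.0
    cv = pstdev(times) / mean(times)
    return max(0.0, 1.0 - cv / MIN_HUMAN_CV)

def account_risk(flags, times):
    """Layer 1 (device flags) plus layer 2 (timing consistency), capped at 1.0."""
    device = sum(w for name, w in DEVICE_WEIGHTS.items() if flags.get(name))
    return min(1.0, device + BEHAVIOUR_WEIGHT * behaviour_score(times))

def risk_by_agent(accounts, review_threshold=0.5):
    """Layer 3: roll account scores up to the agent who seated them."""
    roster = defaultdict(lambda: {"accounts": 0, "flagged": [], "max_risk": 0.0})
    for acct, (agent, flags, times) in sorted(accounts.items()):
        risk = account_risk(flags, times)
        entry = roster[agent]
        entry["accounts"] += 1
        entry["max_risk"] = max(entry["max_risk"], risk)
        if risk >= review_threshold:
            entry["flagged"].append(acct)
    return dict(roster)

if __name__ == "__main__":
    for agent, row in risk_by_agent(ACCOUNTS).items():
        print(agent, row)
```

The score only produces a short list for human review, consistent with the statistical nature of layer 2; the per-agent view is what lets a union owner ask the layer 3 question of the right person.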

Raul Moriarty, Poker Software Expert, covering bot detection and online poker integrity. Independent research; not affiliated with PokerBros.