There’s a lot of conjecture and speculation about what the online poker sites look at to detect bots. As bot developers, all we can really do is make educated guesses and hope that we fly under the radar long enough to make a profit.
If I had to guess on what they look at, mouse click location is near the top of the list.
We know that PokerStars records where you click because there is a log file (aptly named PokerStars.log) in the PokerStars directory which includes that information:
It’s not clear though whether they use this information to identify bots or as supplemental data in the event you need technical assistance from the PokerStars. Presumably if they were looking at mouse click location to detect bots they wouldn’t keep it in a log file which the user can edit.
Regardless, it’d be relatively easy for Jeff and team at PokerStars to do some statistical analysis on this data to flag suspicious activity, so if you’re going to develop a bot, you should try to make it act as human-like as possible.
But how do you know what’s normal activity?
For one, when the bot performs an action such as raising, don’t have it click the same exact location every time.
Here’s what I did:
That PokerStars log file contains the locations where you click, right? So why not take advantage of it.
I deleted the log file to reset the data and then joined a couple tables and played for a few hours. When I finished, I extracted the coordinates from the log file and plotted them on a screenshot of one of the table I had just finished playing at.
The end results show exactly where I clicked:
Most of the locations should be clear: Fold, Call, Raise, marking the Check box, viewing the hand history, and clicking the “Chat” and “Stats” tabs. The clicks around the center surprised me at first, but then I realized when I’m multitabling I click the center of the tables to bring the focus to it.
I based my bot’s click locations on this visualization. For example, the location of the clicks on the third button can be approximated by two overlapping normal distributions, one vertical and one horizontal with their intersection at the center of the button.
Here’s the code I used to implement it:
Is that the key to avoiding detection? Who knows.
I ran the bot for nearly two years, and while it may not have helped, it certainly did not hurt.
Best of luck —
Matt Mazur 
Hi Matthew,
Your articles are the ones that I enjoy the most reading (with those at coding the wheel), you have great writing skills. I was wondering what language did you use to build your bot. The sample I saw in this article looked like VB but not sure.
Thanks again for sharing
Mike
Interesting article. I am looking for how to interpret the log file (i just want to know my hole cards to calculate odds).
Stars allows autohotkey and tableninja (i use autohotkey), both emulate mousemoves and mouseclicks (resulting in the exact same location and time interval every time). So i doubt that mouse click location would be a criterium. And if i were to write a bot, I’d sure make the mouse movements and clicks via autohotkey (nothing that stars can bring in against this).
Just my 2 cents.
the Star’s support told me that, when any user report a suspect of collusion, they look at the history of the users, trying to find:
1) lot’s of times they played at the same table;
2) no-warly decisions (only one at time plays the hand);
3) many more test to find illecit cooperation.
So, I think that thay could have many more ways to detect a bot, like as finding bet amounts patterns (likely based on pot’s percentages if betting to flop, or based on the raise amount when raising or reraising) and identical behaviours on similar spots..
I guess you’ve already figured it, but I liked to leave you a message..
Nice job, by the way.
Josh.