Krafton said on the 6th that it obtained ISO/IEC 27001 (information security management system) and ISO/IEC 27701 (privacy information management system) international certifications from the British Standards Institution (BSI) under a global integrated scope.
The company said the certifications were granted to cover all business areas, including game development and publishing (distribution), as well as development and operations that use artificial intelligence (AI) technologies such as CPC (Co-Playable Character), which enables cooperative interaction between characters. It obtained the certifications with an integrated scope that includes its headquarters in Korea and major overseas offices in the United States, Europe, India and Japan.
ISO/IEC 27001 is an international standard that evaluates whether an information security management system for protecting information assets is established and operated. ISO/IEC 27701 is an international standard that verifies a protection system for the entire process of handling personal information. The two certifications are used as key standards for meeting global regulations, including the European Union's General Data Protection Regulation (GDPR).
Krafton has been officially recognized for its security and personal information protection management capabilities that meet global standards through these simultaneous certifications. A company official said, "We not only built a system that responds to each country's regulatory environment, but also expanded the certification scope to overseas offices where actual game services operate and user data is processed, which is meaningful in practical terms."
It also applied the same management system to development and operational environments that use AI technologies. Through this, it demonstrated global security capabilities that maintain consistent information security and privacy protection systems amid a changing technology environment.
Hong Seok-beom, Krafton's chief information security officer (CISO), said, "We will continue to put user trust first and keep advancing our security system to meet global standards."