The term ‘payload’ is used to distinguish between the ‘interesting’ information in a chunk of data or similar, and the overhead to support it. It is borrowed from transportation, where it refers to the part of the load that ‘pays’: for example, a tanker truck may carry 20 tons of oil, but the fully loaded vehicle weighs much more than that – there’s the vehicle itself, the driver, fuel, the tank, etc. It costs money to move all these, but the customer only cares about (and pays for) the oil, hence, ‘pay-load’.

In programming, the most common usage of the term is in the context of message protocols, to differentiate the protocol overhead from the actual data. Take, for example, a JSON web service response that might look like this (formatted for readability):

{
    "status":"OK",
    "data":
        {
            "message":"Hello, world!"
        }
}

In this example, the string Hello, world! is the payload, the part that the recipient is interested in; the rest, while vital information, is protocol overhead.

Another notable use of the term is in malware. Malicious software usually has two objectives: spreading itself, and performing some kind of modification on the target system (delete files, compromise system security, call home, etc.). The spreading part is the overhead, while the code that does the actual evil-doing is the payload.

I have met two meanings of Payload so far:

1) The essential data that is being carried within a packet or other transmission unit. The payload does not include the “overhead” data required to get the packet to its destination. Note that what constitutes the payload may depend on the point-of-view. To a communications layer that needs some of the overhead data to do its job, the payload is sometimes considered to include the part of the overhead data that this layer handles. However, in more general usage, the payload is the bits that get delivered to the end user at the destination.

2) The eventual effect of a software virus that has been delivered to a user’s computer.