In computing and telecommunications, the payload is the part of transmitted data that is the actual intended message. Headers and metadata are sent only to enable payload delivery[1][2] and are considered overhead.

In the context of a computer virus or worm, the payload is the portion of the malware which performs malicious action.

The term is borrowed from transportation, where payload refers to the part of the load that pays for transportation.


In computer networking, the data to be transmitted is the payload. It is almost always encapsulated in some type of frame format, composed of framing bits and a frame check sequence.[3][4] Examples are Ethernet frames, Point-to-Point Protocol (PPP) frames, Fibre Channel frames, and V.42 modem frames.


In computer programming, the most common usage of the term is in the context of message protocols, to differentiate the protocol overhead from the actual data. For example, a JSON web service response might be:

{ "data": { "message": "Hello, world!" } }

The string Hello, world! is the payload of JSON message, while the rest is protocol overhead.


In computer security, the payload is the part of the private user text which could also contain malware such as worms or viruses which performs the malicious action; deleting data, sending spam or encrypting data.[5] In addition to the payload, such malware also typically has overhead code aimed at simply spreading itself, or avoiding detection.

See also


  1. ^ "payload". 1994-12-01. Retrieved 2021-04-29.
  2. ^ "Payload". Retrieved 2021-04-29.
  3. ^ "RFC 1122: Requirements for Internet Hosts — Communication Layers". IETF. October 1989. p. 18. doi:10.17487/RFC1122. RFC 1122. Retrieved 2010-06-07.
  4. ^ "Data Link Layer (Layer 2)". The TCP/IP Guide. 2005-09-20. Retrieved 2010-01-31.
  5. ^ "Payload". Retrieved 2018-03-05.