When DRM is used the device needs to provision a DRM certificate - this is so the DRM servers can be sure they know who they are talking to.
This used to be once per device but is now per application/package, AFAIK.
The Android documentation for MediaDRM notes:
A provision request/response exchange occurs between the app and a provisioning server to retrieve a device certificate. If provisionining is required, the EVENT_PROVISION_REQUIRED event will be sent to the event handler.
Update May 2022
EVENT_PROVISION_REQUIRED event was deprecated since API 23. Instead a not provisioned exception will be raised:
Exception thrown when an operation on a MediaDrm object is attempted and the device does not have a certificate. The app should obtain and install a certificate using the MediaDrm provisioning methods then retry the operation.
(https://developer.android.com/reference/android/media/NotProvisionedException)
/Update May 2022
The diagram below shows the separate paths for the provisioning request and the individual license requests (source at time of writing - https://developer.android.com/reference/android/media/MediaDrm):
So, basically you don't want to avoid this being called as it is necessary step in the regular DRM process to allow your device retrieve the key and play back the content.
For browsers, a similar mechanism exists but is based around EME (HTML5 Encrypted Media Extension) and the CDM (Content Decryption Module - a DRM specific module that browsers use to decrypt and play back encrypted content - each DRM system typically has one, e.g. the Widevine CDM is used for Chrome and Firefox, the PlayReady one for Edge etc).
The EME specification includes the following notes (https://www.w3.org/TR/encrypted-media/#individualization):
