That wipes all the data on the device and requires logging back in to accounts. It seems to me that's high enough friction to resist most coercion.

Isn't app data, photos etc. usually synced with the Google account? Besides, Google claims that the scammers are using social engineering to create a feeling of panic and urgency, so I think the victim would be willing to reset and log in to the accounts again in such a frame of mind.

Some is, some is optional, some isn't.

I'm sure there's a hypothetical scenario where someone successfully runs a scam that way, but there's also a hypothetical scenario where a 24 hour wait doesn't succeed at interrupting the scam.

The perfect is the enemy of the good.

Which applies just the same to the hypothetical option during initial device setup.

I don't think it does because of the workaround I mentioned upthread.

The victim also can't be on the phone with the scammer using that device during the setup process. We're talking about a very high-friction scenario.

None of this is stopping a malicious entity. We keep trying to use tech (poorly thought out tech at that) to solve issues of social engineering. And no one is asking for a solution, either; it's being jammed in for control.

Such a silly statement. Of course tech can solve social engineering problem, we do so every day startign from UX design. This is a good solution to killing urgency.

Ux is made for humans. Humans can learn to exploit UX. This is as useless a battle as fighting piracy: you will destroy your product before you solve the problem.

Social engineering is destroyed with education, not with restriction and control.

Trading freedom for safety eliminates both.