zlacker

I mean the most brutal solution would be that for Google Play Store certification the manufacturer must use a cryptographic challenge/response process to enable admin on the phone and run a free global hotline for the user to phone/TTY in to get their their response, circumventable by factory resetting the phone (although scammers might still be able to talk somebody through that too).

Then the staff (or a chatbot) could be trained to intervene and confirm that the caller is not getting scammed.

Phone vendors could also be licensed to use a simple web interface to do this at the shop if the buyer requests, and the vendor license would be logged so if the user gets scammed immediately after unlocking it's not anonymous who helped them get scammed.

Similar to Root, really, but mid-tier since enabling Root involves giving up some other security assertions.