That's a good scenario and I think you are correct. My thought was more along the lines of wiping the phone before they ask for a pin.

Like I said, I don't think this feature protects the user more than those that are yet to be connected to them.