In addition to a enabling it in this onerous way, this should be a thing you can set when you first set up the phone after factory default: "I am technologically literate and I accept the risks of side loading indefinitely." If it's set once during set up then none of the vulnerable people will have it set for the lifetime of their phone. A scammer would have to factory reset their phone which would defeat the purpose of gaining access.