24 hours is long enough to get them off the phone, and potentially talking to other people who might recognize the scam.

There will be some proportion of people who mention to their spouse/child/friend about how Google called them to fix their phone, and are saved by that waiting period.

▲

MishaalRahman 3 days ago | parent | next [-]

Exactly - the idea is to make it harder for scammers to create a false sense of urgency.

	▲	ncr100 2 days ago \| parent [-]
		This is too long. It's Google locking in users with hostile user practices.

▲

tauntz 3 days ago | parent | prev [-]

Sure, but wouldn't 35 hours do the same trick? Or 5 hours? Or 10 hours and 28 minutes? :)

The question is, why exactly 24 hours? The argument is that the time limit is set to protect the users and sacrifice usability to do so. So it would be prudent to set the time limit to the shortest amount that will protect the user -> and that shortest amount is apparently 24 hours, which is rather.. suspiciously long and round :)

	▲	Groxx 3 days ago \| parent \| next [-]
		You've got to pick some time value (if you choose this route at all), and if the goal is to prevent urgency-coercion it needs to be at least multiple hours. An extremely-common-for-humans one seems rather obvious compared to, like, 18.2 hours (65,536 seconds). Unless you want to pick 1 week. But that's a lot more annoying.
	▲	jcul 3 days ago \| parent \| prev [-]
		Well, I guess 24 hours gives a good change to include at least one window where a vulnerable person might be able to speak with a trusted contact. Someone who lives in another timezone or works weird hours etc. Our routines generally repeat on 24hour schedules, so likely to be one point of overlap.