Think you have to be careful in saying that they "got cheated".
After all - they
chose to activate the service in the first place. They received a message saying "This is a subscription service and you will be charged monthly for it - please type CONFIRM to accept these terms"
They then received ANOTHER message telling them that if they decide to stop their subscription to simply text STOP at any time.
It might be more accurate to say that the young computer literate generation are perhaps a little too trigger happy in typing "yes", "yes", "I agree", "ok", "CONFIRM" because they want the immediate gratification of having that cool app on their phone - and perhaps don't even bother reading the confirmation messages, they just agree blindly - and then when the time came to pay, they decided to play a bit "dumb" to try to minimise their own culpability.
Honestly - I find it hard to feel sorry for people who have gone through all of these hurdles to ACTIVATE the service in the first place and STILL want to try to blame someone else rather than taking responsibility for
their own actions.
I dunno... kids these days...
P.S. I think your 4-digit pin number to validate the subscription is a good idea - and even simpler than the current model. I suggest taking it to the Telco company's - as it is ultimately up to them to protect their billing platforms - AND to keep their customer data private. As discussed in my previous response to your suggestion - we don't want the 3rd party providers to even SEE the 4-digit code - this protects the user from a 3rd party platform being hacked.
As an adjunct to this, I think the Telco's should also provide a simple billing portal allowing you to see which 3rd party platforms you have authorised to add charges to your account - and allow you to cancel directly from within their portal - which would remove the need to rely on the customer service of (potentially dodgy) 3rd party platforms.