
Couldn't they ship pre-compromised? Storing the RNG seed and private key at the factory.




It won't be as easy as that because you can generate a private key multiple times and notice it's the same.

However, yes, very limited entropy in the private key is much harder to detect, especially because on this kind of device you can't see the private key directly.


Devil’s advocate: How do they map that data to a user when you are buying through a maze of resellers?

They don't; they try against all the keys. There are at most a few billion of them.

See Dual_EC_DRBG
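The two cases contrasted in this thread (a fixed factory key versus a key drawn from a small seed space), written as a repeat-generation audit. This is an added example, not part of the thread or any vendor's code; `device_keygen` is a constructed model of a token that exposes only a public fingerprint, and the hash used for public-key derivation is a stand-in.

```python
import hashlib
import math
import secrets
from collections import Counter

def device_keygen(seed_bits=None, fixed_seed=None):
    """Constructed model of on-device key generation (hypothetical, not a real API).
    Returns only a public fingerprint; the private key stays hidden, as on a token."""
    if fixed_seed is not None:           # key material stored at the factory
        seed = fixed_seed
    elif seed_bits is not None:          # RNG limited to 2**seed_bits possible seeds
        seed = secrets.randbelow(2 ** seed_bits)
    else:                                # healthy RNG: 256 bits of entropy
        seed = secrets.randbits(256)
    private_key = hashlib.sha256(seed.to_bytes(32, "big")).digest()
    # Stand-in for public-key derivation: any deterministic one-way map will do.
    return hashlib.sha256(b"pub" + private_key).hexdigest()

def count_repeats(fingerprints):
    """Number of generated keys that duplicate an earlier one."""
    return sum(n - 1 for n in Counter(fingerprints).values())

def generations_for_likely_repeat(seed_bits):
    """Birthday bound: generations needed for a ~50% chance of at least one repeat."""
    return math.ceil(math.sqrt(2 * math.log(2) * 2 ** seed_bits))

def audit(generations, **device):
    """Regenerate the key `generations` times and count repeated public keys."""
    return count_repeats(device_keygen(**device) for _ in range(generations))

if __name__ == "__main__":
    print("fixed key, 5 generations:      ", audit(5, fixed_seed=1234), "repeats")
    print("16-bit seed, 5 generations:    ", audit(5, seed_bits=16), "repeats")
    print("16-bit seed, 4000 generations: ", audit(4000, seed_bits=16), "repeats")
    print("healthy RNG, 4000 generations: ", audit(4000), "repeats")
    print("32-bit seed needs about", generations_for_likely_repeat(32),
          "generations for a likely repeat")
```

A handful of regenerations exposes a fixed key at once, while a seed space of a few billion values needs tens of thousands of generations on one device before a repeat becomes likely.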



