I would guess the vast majority of people who need to set a PIN for the CVS app or their banking app or whatever use the same PIN to unlock their phone.
If they’re creating a PIN in the app, the developer could just store that in plain text more easily than trying to derive it from the accelerometer. I think you’re right that most people probably use the same PIN for their phone and apps, but then the app maker has easy access to the PIN because the user gave it to them