As I said previously, an average sale could be a day's pay for an average (Filipino) worker. Not an insignificant amount. The shop employee handling the transaction would have just a basic (Filipino) high school education. This would mean that he/she can do no more than follow basic instructions - if your lucky.
Neither the sales person or the customer are going to wait for even the first confirmation. The merchant (shop) cannot set or easily check the transaction fee. Let's assume that the customer makes the purchase with zero transaction fee. (I know, Bitcoin Wallet does not allow this.)
So, the customer walks in, buys a coffee and food (take-out) with bitcoin zero transaction fee, then leaves the shop. How does this customer "double spend" his/her bitcoin?
What is "another spend that uses the same inputs"?
Let me try and explain and somebody will correct me if I write anything wrong. The simplest double spend attack is called race attack. There are other more complicated double spend attacks but we don't need to talk about them at the moment.
So in the race attack buyer walks in in a coffee shop, buys a cup of coffee and pays with bitcoins. He walks out and gets on his computer immediately where he spends the same coins again, makes another transaction, but tries to broadcast them to more nodes than the first transaction which paid for the cup of coffee. Then he hopes that second, double spent transaction will get in a block before the first (real) transaction.
Don't ask how this is done because I don't know, I am not a scammer so I never initiated double spend. Once I did double spend my coins because I have forgotten to include a tx fee so my transaction was stuck. Then I sent the same coins again with go higher fee and this transaction got confirmed before the first one.
Now in order to do above you must have a computer. I am pretty sure that mobile wallets don't allow double spending. Also not all of the desktop wallets allow people to double spend, only some. And you have to know what you are doing very well. And even if you do it well, the block can come 1 minute after you paid your coffee in the coffee shop and not let you even try to double spend. That's why it's called a race attack, since you essentially are racing to get the second, fraudulent transaction confirmed before the first one. So yes, you have to be lucky as well, to do a successful double spend.