From a security point of view, iron SIMs are preferable. This is a separate microprocessor module with memory.

I so suspect that this is the same reason why, despite the presence of cryptographic protection technologies with key files, the accounting department uses floppy disks and USB keys. In other words, it is more reliable to use the hardware method for subscriber authentication. Less risk. Creating a system with virtual SIMs, equivalent in terms of security to physical ones, IMHO, will cost a lot of money - and at the same time it will not bring much profit (there will be demand, yes, but payback is not sure).
The only hope in such cases is on state regulators, but they have only now promoted the preservation of numbers when changing operators, virtual SIMs are unlikely to shine in the near future. Although, it is quite possible to write to someone like the Minister of Communications with a request to work out the issue of recording several virtual means of the operator on one physical SIM card.
By the way, maybe instead of virtual SIMs, you should consider the option of MultiSIM - one SIM card, where the data of 6 ordinary ones are copied, for example. I just found a DualSIM adapter with such a function

In technical implementation?

Because it is from the field of RFID. Have you seen or can you think of a virtual RFID with similar characteristics?

Well, we can say that the implementation has already been, these are MultiSIM and SIM cards with a vulnerability in the COMP128v1 cryptoalgorithm, which allows you to get a Ki key. The IMSI and Ki data were injected into the multisim and everything worked. But since it was a vulnerability, 2 more versions of the algorithms were released, where this bug was fixed. And it was fixed, obviously, because of the possibility of cloning. And that, I think, is the reason.

Hypothetical implementation:
A cryptomodule built into the phone, analogous to a USB token or the same smart card.
Tools for working with it, built into the phone itself or its bootloader (firmware).
The ability to program another key into a free "slot" of the cryptomodule when connected at the operator's office or even independently (went to the operator's website, paid for a new connection with a credit card, received a key certificate file by mail or scanned a QR code). Or even entered by hand, as an emergency solution =)
In principle, nothing prevents you from integrating a classic SIM card into your phone. They even do this sometimes - cheap prepaid kits with a non-removable SIM card in America. She's just basically soldered.
Benefon Twin, the first GSM device with two SIMs, was the first to implement switching between cards, despite the fact that the device had only one radio unit. Those. just a multiplexer and a selection option in the menu.

In the NMT-450, AMPS/DAMPS, CDMA networks, flashable devices were used. The identifier was ESN, an analogue of IMEI, which fit the operator into the database.
When selling the device, it was necessary to demand from the seller a “certificate of deprogramming”, without which no one would have connected the device bought from hand (it was flashed for another owner). There was only one operator, there was no common base.
Reminds me of the upcoming MNP, doesn't it?

Here I discussed this topic habrahabr.ru/company/quickme/blog/243123

Until recently, the problem was the lack of standards. However, the GSMA has recently released specifications for embedded UICC (multi-profile embedded SIM). Now there is a question on the decision of a legal part of a question.