Why have SIM cards at all? What's the point in keeping credentials from the legitimate customer?
Store Ki directly on device. Modern phones have HSMs so key will be kept as secure as with a "real" SIM HSM, and bet phones could do the necessary crypto just fine.
Sure, a customer will be able to clone their own SIM card and share it with others, but I don't think that's a major issue. Logging onto the network with a cloned SIM is certainly preventable, and if you get kicked out every time other card clone logs in (and if that happens too frequently your account gets suspended altogether until you resolve the issue with a human support), sharing would be anything but desirable option.
The nice thing with SIMs is that if your battery is flat, or you put your phone through the washing machine, you can grab the card and throw it into a spare phone (or a friend's) and carry on.
If you have the Ki on the device, you're effectively going back to CDMA-style devices, whereby you need the carrier's assistance to move between handsets.
Store Ki directly on device. Modern phones have HSMs so key will be kept as secure as with a "real" SIM HSM, and bet phones could do the necessary crypto just fine.
Sure, a customer will be able to clone their own SIM card and share it with others, but I don't think that's a major issue. Logging onto the network with a cloned SIM is certainly preventable, and if you get kicked out every time other card clone logs in (and if that happens too frequently your account gets suspended altogether until you resolve the issue with a human support), sharing would be anything but desirable option.