System and methods for dynamic SIM provisioning on a dual-SIM wireless communication device

What is claimed is: 1. A method for dynamically provisioning a wireless device having a first subscriber identity module (SIM) and a virtual SIM (VSIM), wherein the first SIM is stored on a universal integrated circuit card (UICC), the method comprising: receiving, at a provisioning server, updated information from the wireless device; determining, by the provisioning server, whether the VSIM should be changed based at least in part on the received updated information; determining whether remote credential management procedures are enabled by the provisioning server in response to determining that the VSIM should be changed; and in response to determining that remote credential management procedures are not enabled by the provisioning server: selecting, by the provisioning server, a new SIM profile by selecting a remote SIM from a set of remote SIMs available to the provisioning server; and provisioning the new SIM profile in the wireless device by remotely running the selected remote SIM, wherein security operations related to the new SIM profile are routed by the VSIM to the selected remote SIM. 2. The method of claim 1 , wherein receiving the updated information from the wireless device comprises receiving at least one of: information indicating whether the wireless device is currently roaming; information indicating differences in at least one of quality, cost, and type of services offered by a plurality of network operators providing local service; a user preference implemented as a setting on the wireless device; and a data limit of a tariff plan currently associated with the VSIM. 3. The method of claim 1 , further comprising, in response to determining that remote credential management procedures are enabled by the provisioning server: selecting, by the provisioning server, the new SIM profile from a plurality of SIM profiles associated with the provisioning server; and provisioning the new SIM profile in the VSIM using the remote credential management procedures. 4. The method of claim 3 , further comprising: determining, in the provisioning server, whether a returned SIM profile was received from the wireless device following provisioning of the new SIM profile; and recycling the returned SIM profile into a subscription pool database in response to determining that a returned SIM profile was received from the wireless device. 5. The method of claim 1 , wherein receiving the updated information from the wireless device comprises receiving the updated information through one of: an Internet protocol (IP) bearer provided by a serving network associated with the first SIM of the wireless device; and a Short Message Service (SMS) or Unstructured Supplementary Service Data (USSD) communication sent over the serving network associated with the first SIM of the wireless device. 6. The method of claim 1 , wherein provisioning the new SIM profile in the wireless device is protected by keys shared between the wireless device and the provisioning server. 7. The method of claim 1 , further comprising, in response to determining that remote credential management procedures are enabled by the provisioning server: selecting, by the provisioning server, the new SIM profile from a plurality of SIM profiles associated with the provisioning server, wherein selecting the new SIM profile comprises evaluating criteria across SIM profiles in a subscription pool database, wherein the criteria include one or more of a cost of international roaming service, a quality of service, a high-speed data throughput, and support for a particular type of communication. 8. The method of claim 1 , wherein the VSIM is implemented as one of an embedded UICC (eUICC) and a software module configured to execute a VSIM application. 9. The method of claim 1 , wherein remotely running the selected remote SIM comprises: providing basic provisioning information from the remote SIM to the VSIM via secure tunneling of an IP bearer established by the first SIM; and performing authentication processes between the remote SIM and a serving network associated with the remote SIM via an IP bearer established by the first SIM. 10. The method of claim 1 , wherein: determining whether remote credential management procedures are enabled by the provisioning server is based on whether, in a current area, a virtual network operator associated with the provisioning server has been granted access to authentication keys needed to provision SIM profiles into the wireless device, and in response to determining that remote credential management procedures are enabled: selecting, by the provisioning server, the new SIM profile from a plurality of SIM profiles associated with the provisioning server; and provisioning the new SIM profile in the VSIM using standard or proprietary remote credential management procedures, wherein the procedures are protected by keys that are shared between the wireless device and the provisioning server. 11. The method of claim 1 , further comprising: establishing, through a virtual network operator associated with the provisioning server, a VSIM account with the wireless device; and receiving a payment to the virtual network operator from the established VSIM account upon selection of the new SIM profile, wherein a plurality of SIM profiles associated with the provisioning server each correspond to one of a plurality of foreign network operators, and wherein the virtual network operator pays a local rate to each of the foreign network operators for the corresponding SIM profiles. 12. The method of claim 11 , wherein the virtual network operator comprises a home network operator associated with the wireless device. 13. A provisioning server in a subscription management system, comprising: a network interface configured to connect to a wireless communication network; a memory; and a processor coupled to the network interface and the memory, wherein the processor is configured to: receive updated information from a wireless device having a first subscriber identity module (SIM) and a virtual SIM (VSIM), wherein the first SIM is stored on a universal integrated circuit card (UICC); determine whether the VSIM should be changed based at least in part on the received updated information; determine whether remote credential management procedures are enabled by the provisioning server in response to determining that the VSIM should be changed; and in response to determining that remote credential management procedures are not enabled by the provisioning server: select a new SIM profile by selecting a remote SIM from a set of remote SIMs available to the provisioning server; and provision the new SIM profile in the wireless device by remotely running the selected remote SIM, wherein security operations related to the new SIM profile are routed by the VSIM to the selected remote SIM. 14. The provisioning server of claim 13 , wherein the processor is further configured to receive the updated information from the wireless device by receiving at least one of: information indicating whether the wireless device is currently roaming; information indicating differences in at least one of quality, cost, and type of services offered by a plurality of network operators providing local service; a user preference implemented as a setting on the wireless device; and a data limit of a tariff plan currently associated with the VSIM. 15. The provisioning server of claim 13 , wherein the processor is further configured, in response to determining that remote credential management procedures are enabled by the