With the switch PCSC-SHARED is used. The problem is when the card is deauthenticated by other apps the scdeamon not reauthenticate when the card send security_not_sastisfied. If the SCDaemon require to enter the pin was a good correction and augment the compatibility with other apps when the card is used by more than one application. The best solution is to reselect AID and reauthenticate with pin query. Because presently if the card is not authentication for decryption. SCDaemon fail and no pin was queried and the only solution is to kill daemon for the daemon redo all selection and redo the authentication.
It's more friendly to query pin more often than the app crash. I have adjusted my card app for is more friendly with the current implementation of smartcard daemon. But if windows need a card to crypt or sign. The last command is deauth all pin. This causes the next decryption command from GnuPGP the card send Security not satisfied error 0x6982. When this arrives the Deamon freeze and not prompt the user to reenter the pin. This can hang kleopatra and other GnuPgp app. The temporary solution is to kill the daemon. And the system prompt to insert cards and reprompt to send pin. All it's OK until another application use the card and deauth all pin.
For all majority of applet if bad applet is selected and try to use security perform apdu the system return 0x6982 security not satisfied. In this case the reselection of applet is the more secure way for the compatibility.
The trigger needed was if the card send SW 0x6982 on any decryption tentative the system resend the select apdu for the applet and demand the pin to the user. For signature was perfect if need pin for all sign option is enabled. Another corrective measure is to implement the all crypt operation need pin option is not good but can do the job. It's not the best because if the wrong applet is selected the next command will fail.